Data Handling
How RevKeen stores, processes, and protects personal and financial data
RevKeen processes personal and financial data on behalf of merchants. This page explains where your data lives, how it is protected, and what controls you have over it.
Data Storage Locations
RevKeen stores data in the European Union to meet GDPR requirements and minimize latency for EU-based operations.
| Data Type | Location | Provider |
|---|---|---|
| Primary database (merchants, customers, invoices, transactions) | Frankfurt, Germany (eu-central-1) | Supabase (managed PostgreSQL) |
| Application services and API | Ireland (eu-west-1) | AWS Fargate |
| Background job execution | EU region | Trigger.dev Cloud |
| Secrets and credentials | EU region | Infisical |
| Static assets and checkout pages | Global edge (origin EU) | Vercel / Cloudflare |
| Observability and logs | EU region | Grafana Cloud |
No primary data is stored outside the EU. Edge caching of static assets (CSS, JavaScript, images) uses global CDN nodes but does not cache personal or financial data.
Encryption
At Rest
All data stored by RevKeen is encrypted at rest:
- Database -- Supabase uses AES-256 encryption for all PostgreSQL data and backups.
- Object storage -- Files stored in S3 use server-side encryption (SSE-S3 with AES-256).
- Secrets -- Infisical encrypts all secrets using envelope encryption before storage.
In Transit
All data in transit is encrypted:
- Browser to RevKeen -- TLS 1.2 or higher on all public endpoints. HSTS headers enforce HTTPS.
- Service to service -- Internal communication between RevKeen services uses TLS.
- RevKeen to gateway -- API calls to payment gateways use TLS with certificate validation.
- Database connections -- All connections to Supabase require SSL.
GDPR Compliance
RevKeen operates as a data processor on behalf of merchants (data controllers). Our GDPR commitments:
| Principle | How RevKeen Complies |
|---|---|
| Lawful basis | RevKeen processes data based on the merchant's contractual relationship with their customers. Merchants are responsible for establishing lawful basis. |
| Data minimization | RevKeen collects only the data necessary to process payments, generate invoices, and provide the platform's features. |
| Purpose limitation | Customer data is used only for the merchant's billing and payment operations. RevKeen does not sell or share data with third parties for marketing. |
| Storage limitation | Data is retained according to configurable retention policies (see Data Retention Policies). |
| Right of access | Merchants can export all customer data through the dashboard or API. |
| Right to erasure | Merchants can request deletion of customer data, subject to legal retention requirements for financial records. |
| Data portability | All data is exportable in standard formats via the API. |
| Breach notification | RevKeen will notify affected merchants within 72 hours of confirming a personal data breach. |
A Data Processing Agreement (DPA) is available upon request. Contact privacy@revkeen.com.
Data Retention Policies
RevKeen retains data according to the following defaults. Merchants may have additional obligations under local financial regulations.
| Data Category | Default Retention | Reason |
|---|---|---|
| Transaction records | 7 years | Financial record-keeping and tax compliance |
| Invoice data | 7 years | Legal requirement for financial documents |
| Customer personal data | Duration of merchant account + 90 days | Active use, then cleanup window |
| Payment tokens | Until customer or merchant deletes | Required for recurring payments |
| Audit logs | 2 years | Security and compliance investigations |
| Session data | 30 days | Operational use |
| Analytics events | 1 year | Product analytics and checkout optimization |
After the retention period, data is permanently deleted. Deletion is irreversible.
Data Export and Deletion
Export
Merchants can export their data at any time:
- Dashboard -- Export invoices, transactions, and customer records as CSV from the dashboard.
- API -- Use the RevKeen API to programmatically retrieve all data associated with your merchant account.
Exports include all data RevKeen stores for your account, including customer details, transaction history, invoice records, and subscription data.
Deletion
To request data deletion:
- Individual customer data -- Delete a customer record through the dashboard or API. Associated personal data is removed, while anonymized transaction records are retained for financial compliance.
- Full account deletion -- Contact support@revkeen.com to request complete deletion of your merchant account and all associated data. Deletion requests are processed within 30 days.
Certain data cannot be deleted before the legally mandated retention period (for example, transaction records required for tax compliance).
Third-Party Data Processors
RevKeen uses the following third-party services that may process your data:
| Processor | Purpose | Data Shared | Location |
|---|---|---|---|
| Supabase | Database hosting | All merchant and customer data | Frankfurt, EU |
| AWS | Application hosting, storage | Application data, logs | Ireland, EU |
| NMI (or merchant's gateway) | Payment processing | Transaction amounts, tokenized card references | Varies by gateway |
| Quaderno | Tax calculation and invoicing | Customer address, transaction amounts | EU |
| Novu | In-app notifications | Notification content, subscriber IDs | EU |
| Trigger.dev | Background job processing | Job payloads (merchant IDs, task parameters) | EU |
| Grafana Cloud | Observability and monitoring | Application logs and metrics (no PII in normal operation) | EU |
| Infisical | Secrets management | Encrypted API keys and credentials | EU |
RevKeen maintains data processing agreements with all sub-processors. We evaluate each processor's security practices before integration and monitor them on an ongoing basis.
Secrets Management
Sensitive credentials -- such as gateway API keys, webhook signing secrets, and internal service tokens -- are managed through Infisical:
- Secrets are encrypted at rest and in transit.
- Access is scoped by environment (production, staging, development).
- Secret access is logged for audit purposes.
- Secrets are injected into services at runtime and are never written to disk or committed to source control.
- Rotation is supported without service downtime.
If you need to rotate your gateway credentials or API keys, you can do so through the RevKeen dashboard. The change takes effect immediately.