The fine print

Privacy Statement.

Last updated 11 June 2026 · Groningen, the Netherlands

How REVENU Academy handles personal data across all its products.

Who we are

REVENU Academy is a sole proprietorship registered in the Netherlands with the Dutch Chamber of Commerce (KvK) under number 84155841, address Akerkhof 24 e, 9711 JC Groningen. Founder and data controller: Thessa.

Questions about your data: hello@revenu-academy.nl.

What we collect

We collect the minimum needed to run the service:

• Account data. Your email address and a hashed password, so you can sign in.
• Product data. The niche, ideas, prompts and copy you create inside our tools. Stored against your account.
• Usage data. Basic technical information about how the site is accessed (device type, error logs, cookie choice) so we can keep the site running and fix issues.
• Order data. Purchase history and invoice details when you buy a product, processed by our payment provider.

Why we process your data

We process personal data on the following legal grounds:

• Performance of a contract. To provide the account, the tool, and any product you purchase.
• Legitimate interest. To keep the service secure and stable.
• Consent. For optional cookies, only after you accept the cookie banner.
• Legal obligation. To keep order and invoice data for as long as Dutch tax law requires.

Service providers

We work with a small number of trusted processors who each see only the data they need to do their job:

• Supabase. Authentication and database hosting.
• Vercel. Website hosting and content delivery.
• Anthropic. The AI model that generates copy from your inputs.
• ThriveCart. Checkout and payment processing.
• Google Analytics (Google LLC). Marketing and analytics cookies, only loaded if you accept optional cookies. Used to measure how the site is used and to support advertising performance.
• Meta Pixel (Meta Platforms, Inc.). Marketing cookies for Facebook and Instagram advertising, only loaded if you accept optional cookies. Used to measure ad performance and to show relevant ads to similar audiences.

All processors are GDPR-compliant. Google Analytics and Meta may transfer data outside the EU under the EU-US Data Privacy Framework. We never sell your data and we do not share it with anyone outside the providers listed above.

Cookies

We use two categories of cookies:

• Essential. One cookie remembers your cookie choice for one year so the banner does not reappear. Always set, regardless of your choice.
• Marketing and analytics. If you accept optional cookies, we load Google Analytics and the Meta Pixel. These are marketing cookies: they measure how the site is used, attribute purchases to ad campaigns, and help us show ads to people who have visited the site or look like our customers. If you decline, neither is loaded and only the essential cookie is set.

You can change your choice at any time by clearing your cookies for this site, which makes the banner reappear.

How long we keep your data

Account and product data are retained for as long as you have an account. On request we delete your account within 30 days. Order and invoice data are kept for 7 years, as required by Dutch tax law.

AI tool data. User data stored inside our AI-powered tools, including any inputs, prompts, generated outputs, and account-linked content, is automatically deleted after 6 months of inactivity. Inactivity is measured per tool: for SellbySunday, 6 months without any tool actions (generate, save, edit) following your most recent payment; for Sold Out Salespage AI, 6 months without any tool actions. Any of these actions within the window resets the timer. We are not required to send a reminder before deletion.

Your rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your data
• Receive your data in a portable format
• Object to or restrict certain processing
• Withdraw consent at any time

To exercise any of these rights, email hello@revenu-academy.nl. We respond within 30 days. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Security

All traffic is encrypted via HTTPS. Passwords are stored as salted hashes, never in plain text. Account data is access-locked to the account owner. Credentials are rotated regularly and never committed to source control.

Changes to this statement

We may update this privacy statement from time to time. The date at the top reflects the latest version. For material changes, we will notify you by email. Continued use of the service after a change means you accept the updated statement.

See also our General Terms and Conditions or read the Dutch version: Privacyverklaring.