Privacy Policy

Last updated: April 7, 2026

This Privacy Policy explains how Ravinaro ("we", "us", or "our") collects, uses, stores, and protects your personal information when you use our website and services.

We are committed to protecting your privacy and being transparent about our data practices. This policy applies to all information collected through our website at ravinaro.com, our service booking platform, and any related communications.

Information We Collect

We collect different types of information depending on how you interact with our website and services.

Information You Provide

When you fill out forms on our website, book a service, or contact us, you may provide:

  • Contact information: name, email address, phone number, and country
  • Business information: company name, registration number, billing address, role title, and website
  • Project details: service preferences, scope descriptions, timelines, and budget ranges
  • Files: documents you upload through our forms (e.g., project briefs, PDFs)
  • Communication preferences: preferred contact method and time
  • Newsletter subscription: email address

Account Information

When you create an account or sign in, we collect:

  • Google OAuth: email address, name, and profile photo (when you sign in with Google)
  • Email and password: when you register directly on our platform
  • Phone number: when you verify your identity via SMS one-time password (OTP)
  • Verification status: whether your email and phone number have been verified

Payment Information

When you make a payment, your payment is processed securely by Stripe. We do not store your credit card number, CVV, or full payment method details on our servers. We do store:

  • Transaction references: Stripe session ID and payment intent ID
  • Payment details: amount, currency, and payment status
  • Voucher codes: if you apply a discount code

Automatically Collected Information

When you visit our website, we automatically collect certain information for security, fraud prevention, and analytics purposes:

  • Device fingerprint: a one-way hash generated from your browser characteristics (user agent, language, connection type). This hash cannot be reversed to identify you personally
  • IP address hash: a one-way hash of your IP address, used for fraud detection. We do not store your raw IP address
  • Analytics data: pages visited, session duration, referring pages, device type, browser type, and approximate geographic location (via Google Analytics)
  • Browser storage: language and locale preferences stored in your browser (localStorage and cookies)

How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: to process your bookings, manage your projects, and provide the services you request
  • Communication: to send you booking confirmations, project updates, payment receipts, and respond to your inquiries
  • Account management: to create and manage your account, verify your identity, and maintain your dashboard
  • Security and fraud prevention: to protect our platform from fraudulent activity using device fingerprinting and reCAPTCHA verification
  • Analytics and improvement: to understand how visitors use our website and improve our services, content, and user experience
  • Legal compliance: to comply with applicable laws, regulations, and legal processes
  • Marketing: to send you our newsletter if you have opted in (you can unsubscribe at any time)

Cookies & Tracking Technologies

We use cookies and similar technologies (such as localStorage) to enhance your experience and analyze site usage. For detailed information about the specific cookies we use, their purposes, and how to manage them, please see our Cookies Policy.

In summary, we use strictly necessary cookies for core functionality, functional cookies for your preferences, and analytics cookies to understand site usage.

Google Analytics

We use Google Analytics 4 (GA4) to understand how visitors interact with our website. GA4 collects information such as:

  • Pages you visit and how long you spend on them
  • How you arrived at our website (referral source, search terms)
  • Device and browser information (type, screen resolution, operating system)
  • Approximate geographic location (country, city — derived from IP address, which is then anonymized)
  • Interactions with our website (clicks, scrolls, form submissions)

GA4 sets the following cookies on your device:

_ga: Distinguishes unique visitors. Duration: 2 years

_ga_[ID]: Maintains session state. Duration: 2 years

You can opt out of Google Analytics by:

  • Using our cookie consent banner to decline analytics cookies
  • Installing the Google Analytics Opt-out Browser Add-on
  • Configuring your browser to block third-party cookies

For more information, see Google's Privacy Policy.

Third-Party Services

We use the following third-party services to operate our website and deliver our services. Each service may process your data according to their own privacy policies.

Firebase (Google)

We use Firebase for user authentication, database storage, and file storage. Firebase processes your account information, booking data, and uploaded files. Firebase is operated by Google and data is stored on Google Cloud infrastructure. Google Privacy Policy.

Stripe (Payment Processing)

When you make a payment, you are redirected to Stripe's secure checkout page. Stripe processes your payment method details directly — we never see or store your full card information. Stripe may set cookies on their domain to process your payment securely. Stripe Privacy Policy.

Google reCAPTCHA

We use Google reCAPTCHA v3 to protect our forms from spam and abuse. reCAPTCHA analyzes your interaction with our site (such as mouse movements and browsing patterns) to determine if you are a human visitor. This analysis happens in the background without requiring you to solve a challenge. Google reCAPTCHA Privacy.

Resend (Email Service)

We use Resend to send transactional emails such as booking confirmations, payment receipts, project updates, and newsletter communications. Resend processes your email address and name to deliver these emails. Resend Privacy Policy.

Google Business Profile

We display customer reviews from Google Business Profile on our website. This may include the reviewer's name, profile photo, and review content as made publicly available through Google.

Google Analytics

We use Google Analytics 4 to analyze website traffic and usage patterns. See the Google Analytics section above for full details. Google Privacy Policy.

Data Storage & Security

We take the security of your data seriously and implement appropriate measures to protect it.

  • Infrastructure: your data is stored on Google Cloud (Firebase) infrastructure, which provides enterprise-grade security, encryption at rest, and encryption in transit
  • Data hashing: sensitive identifiers such as IP addresses, user agents, and device fingerprints are stored as one-way SHA-256 hashes — they cannot be reversed to reveal the original data
  • Authentication security: passwords are handled by Firebase Authentication and are never stored in plaintext. We support secure sign-in via Google OAuth and phone OTP verification
  • Payment security: all payments are processed through Stripe's PCI DSS Level 1 certified platform. We never store your full payment card details
  • Audit logging: we maintain audit logs of significant account and booking events for security monitoring and fraud prevention. These logs contain hashed identifiers, not raw personal data
  • Access controls: access to personal data is restricted to authorized personnel who need it to provide our services

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law.

Account data: retained for the duration of your account. You can request deletion of your account at any time

Booking and project records: retained for the duration of the service engagement plus a reasonable period for follow-up, invoicing, and legal compliance (typically up to 7 years for financial records)

Audit logs: retained for security and fraud prevention purposes, typically for up to 3 years

Analytics data: Google Analytics data is retained according to our GA4 configuration settings (default: 14 months)

Newsletter subscription: your email is retained until you unsubscribe

Cookies and browser storage: see our Cookies Policy for specific durations

Your Rights

Depending on your location, you may have the following rights regarding your personal data under applicable data protection laws (including the GDPR and similar regulations):

  • Right of access: you can request a copy of the personal data we hold about you
  • Right to rectification: you can ask us to correct inaccurate or incomplete data
  • Right to erasure: you can ask us to delete your personal data, subject to legal retention requirements
  • Right to restriction: you can ask us to limit how we process your data in certain circumstances
  • Right to data portability: you can request your data in a structured, machine-readable format
  • Right to object: you can object to our processing of your data for certain purposes, including direct marketing
  • Right to withdraw consent: where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at privacy@ravinaro.com.

We will respond to your request within 30 days. If we need more time, we will inform you of the reason and extension period.

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data in accordance with applicable laws.

International Data Transfers

Our third-party service providers (including Google/Firebase, Stripe, and Resend) operate globally and may process your data in countries outside your country of residence. These providers implement appropriate safeguards for international data transfers, including Standard Contractual Clauses (SCCs) and other mechanisms approved under applicable data protection laws.

By using our services, you acknowledge that your data may be transferred to and processed in countries with different data protection laws than your own.

Children's Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at privacy@ravinaro.com and we will promptly delete it.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. When we make changes, we will update the "Last updated" date at the top of this page.

For significant changes, we may also notify you by email or through a notice on our website. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Privacy inquiries: privacy@ravinaro.com

General inquiries: info@ravinaro.com

You can also reach us through our contact page.

For related information, please also review our Cookies Policy & Terms & Conditions.