RevSure Data Security FAQ's

This page is part of RevSure’s Comprehensive FAQs, your all-in-one hub for answers on capabilities, data, security, scalability, configurability, and more. Click here to return to the FAQ home.

This FAQ addresses common legal and security questions RevSure receives regarding AI usage, PII handling, data protection, and platform-level guarantees. It provides clarity on our configuration options, contractual commitments, and the safeguards we’ve implemented in collaboration with Google Gemini.

1. Does RevSure’s AI have access to PII?

No. RevSure supports PII masking configurations that guarantee no personally identifiable information is shared with GenAI tools. Customers can activate these controls to ensure full compliance with internal AI use policies.

2. Is customer data used to train RevSure’s or any third-party AI models?

Absolutely not. RevSure:

  • Does not train or fine-tune any GenAI models (e.g., Google Gemini) using customer data.
  • Uses customer metadata and behavioral context solely to generate insights and summaries, not for model training.

3. Does RevSure indemnify customers in the event of data misuse or breach?

Yes. RevSure is contractually bound to indemnification clauses and a Data Processing Agreement (DPA) which cover failures to comply with data usage terms or unauthorized data exposure.

4. Where and how is customer data processed by GenAI?

RevSure uses Google Gemini via Google Cloud, which provides the following protections:

a. Prompt and Response Guardrails

  • Prompts and GenAI responses are not used for training any models.
  • Enterprise customer data is ringfenced and compartmentalized.

b. Encryption Standards

  • Data is encrypted in transit and at rest using enterprise-grade protocols.

c. Identity & Access Management

  • Fine-grained access controls and authentication safeguards are in place to enforce least-privilege access.

d. Regulatory Compliance

  • Google Gemini complies with: GDPR, CCPA, ISO/IEC 27001
  • Practices include sensitive data masking, auditable controls, and privacy-first governance models.

5. Can RevSure isolate our data within our own environment?

Yes. All customer data stays within your RevSure instance, and access to GenAI can be governed by PII redaction settings, ensuring no sensitive data leaves your control boundary.

6. Why this is not a "sale or share" under CCPA?

Both PDL and Snitcher are engaged as service providers under contractual terms that prohibit them from retaining, selling, or using the IP for any purpose beyond returning the lookup result. 

Any person or company level profiles identified by RB2B are collected solely for the purpose of transmitting them directly to RevSure and to RevSure’s customers.  This data is used exclusively for its intended purpose and is not sold or shared with any parties outside of its intended recipient.

We can provide copies of these agreements upon request.