Review Widget

Review Widget

Sign inGet started

Privacy Policy

Last updated: March 2026. Previous version: 22 January 2024.

Your privacy is important to us. This policy describes how we collect, use, and protect your personal information when you use our website and services, including https://review-widget.net. We comply with applicable data protection laws, including the GDPR where applicable.

This website and the services offered under the name "Review Widget" are not operated by, affiliated with, or endorsed by Google LLC. The service is provided solely by the data controller named below and is not a service of Google.

1. Data controller

The data controller responsible for your personal data in connection with Review Widget is:

SKAJ Ventures GmbH
Sonnenlandstraße 4, 14471 Potsdam, Germany
Email: datenschutz@review-widget.net

2. Information we collect

We collect information you provide when using our services and information that is automatically sent by your device when you access our website.

2.1 Log data

When you visit our website, our servers may log standard data provided by your browser (e.g. IP address, browser type and version, pages visited, time and date of visit, time spent on pages, and technical details relating to errors). This information may not by itself identify you personally but may be combined with other data to do so.

2.2 Account and profile data

When you register or use our service we may collect: email address, name, and (if you use password sign-in) a hashed password. If you sign in with Google, we receive basic profile information (e.g. email, name, profile picture) from Google. We may store a last-login timestamp for security purposes.

2.3 Company and business data

When you add or manage companies we store: company name, Google Place ID, and data synced with our widget API (GRW API), including a widget identifier (widget_api_uuid). This data is used to provide the review widget and related services.

2.4 Subscription and billing data

We store subscription and plan information (e.g. Free, Pro) and, where applicable, billing identifiers from our payment provider (Stripe). Payment details are processed by Stripe; we do not store full card numbers.

2.5 Notification preferences and review events

We store your notification preferences (e.g. new review alerts, negative review alerts, frequency). We also store review event data received via webhook from the GRW API (e.g. to send you notifications about new or negative reviews).

2.6 Verification tokens

For email verification and password reset we create short-lived tokens (email, token, expiry). These are deleted or purged after use or expiry.

3. Legal basis for processing (GDPR)

We process personal data only where we have a legal basis:

Contract performance (Art. 6(1)(b)): Account creation, authentication, company and subscription management, and providing the widget and review notification services.
Legitimate interest (Art. 6(1)(f)): Login timestamps for security, rate limiting and abuse prevention.
Legal obligation (Art. 6(1)(c)): Where we must retain or disclose data to comply with law.

4. How we use your information

We use the information we collect to: provide and operate our website and services; create and manage your account; manage companies and widget configuration; sync with the GRW API for widget provisioning; process payments via Stripe; send you notifications about new or negative reviews according to your preferences; communicate with you (e.g. support, security); and comply with legal obligations. We do not sell your personal data to third parties.

5. Third parties and data processors

We use the following categories of service providers, who process data on our behalf and are bound by appropriate agreements:

Hosting and infrastructure (e.g. Vercel); database (e.g. Neon PostgreSQL); email (SMTP) for transactional and notification emails; Stripe for payment processing; the widget API service for widget provisioning and review webhooks; reCAPTCHA for abuse prevention where used; Google Tag Manager if used for analytics (see Cookies). Where these providers are outside the EEA, we ensure appropriate safeguards (e.g. adequacy decisions or standard contractual clauses).

6. Security

We protect personal data with commercially reasonable technical and organisational measures to prevent loss, theft, and unauthorised access, disclosure, or modification. No electronic transmission or storage is 100% secure; we cannot guarantee absolute security. We will comply with applicable laws regarding data breach notification. You are responsible for keeping your password secure.

7. Retention

We keep your data only as long as necessary for the purposes above. Account and company data are retained until you delete your account or the company. Subscription data is retained until cancellation and then as required for legal or accounting purposes. Review events may be retained for a configurable period (e.g. 90 days) or until company deletion. Verification tokens are purged shortly after expiry. Where we must retain data for legal, accounting, or archiving purposes, we do so only to the extent required.

8. Children's privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us and we will delete it.

9. International transfers

Your data may be stored or processed in countries outside your residence. Those countries may not have the same data protection laws. Where we transfer data internationally we do so in accordance with applicable law and ensure appropriate safeguards (e.g. EU standard contractual clauses or adequacy decisions).

10. Your rights

Depending on your location you may have the right to: access your personal data (Art. 15 GDPR); rectification of inaccurate data (Art. 16); erasure (Art. 17); restriction of processing (Art. 18); data portability (Art. 20); object to processing based on legitimate interest (Art. 21); withdraw consent where processing is based on consent; and lodge a complaint with a supervisory authority. To exercise these rights, contact us at the email below. We will not discriminate against you for exercising your rights. If you have agreed to marketing communications you may opt out at any time (e.g. via unsubscribe links or by contacting us).

11. Cookies

We use only strictly necessary cookies (e.g. session cookie for authentication). We do not use tracking or advertising cookies for our own purposes. If we use Google Tag Manager or similar tools, their use will be described here or in a cookie notice. You can control cookies through your browser settings.

12. Limits of this policy

Our website may link to external sites we do not operate. We are not responsible for their content or privacy practices. We encourage you to read their policies.

13. Changes

We may update this policy from time to time to reflect changes in our practices, law, or regulation. We will post the updated version at this same link. Where required by law we will obtain your consent or give you the opportunity to opt in or opt out of new uses of your data.

14. Contact

For any questions or concerns about this privacy policy or your personal data, or to exercise your rights, contact our data protection contact:

Data protection officer / Contact: datenschutz@review-widget.net

Review Widget

Review Widget

Privacy Policy

Data Protection

Imprint

Help Center

© Copyright - Google Review Widget - The service of this website is not performed by or directly related to the company Google LLC.