RevvedUp
Sign In

Last updated: March 2026

Privacy Policy

RevvedUp ("we", "our", "us") is committed to protecting your privacy. This policy explains what personal information we collect, how we use it, who we share it with, and what rights you have. By using RevvedUp you agree to this policy.

1. Who We Are

RevvedUp is an Australian car-culture events platform. We connect car enthusiasts, event organisers, dealerships, and automotive creators across Australia. Our website is operated from Australia and primarily serves Australian users, though anyone worldwide may access it.

2. Information We Collect

2.1 Account & Profile Information

When you register, we collect:

  • Email address (required for authentication)
  • Full name and username
  • Profile photo and optional header image
  • Bio, location, and favourite car (optional)
  • Account type (Enthusiast, Organisation, or Dealership)

2.2 Organisation & Dealership Profiles

If you hold an Organisation or Dealership account, we additionally collect:

  • Organisation or dealership name and logo
  • Business website URL, phone number, and physical address
  • Organisation type (car club, event organiser, motorsport club, dealership)

2.3 Garage & Vehicle Data

When you add a car to your garage we collect the year, make, model, variant, colour, modifications, a description, and photos. This information is visible to other logged-in users and forms part of your public profile.

2.4 Event Participation Data

  • RSVPs and attendance status (going / maybe / not going)
  • Ratings and written reviews you submit for events
  • Comments and chat messages you post on event pages
  • Event photos and captions you upload

2.5 Guest List Data (Encrypted)

For invite-only events, organisers may add guests. Guest names are stored in plaintext; guest email addresses and phone numbers are encrypted using AES-256-GCM with a 256-bit key before being stored. A one-way SHA-256 hash of each email is stored for deduplication purposes only. Guests are never visible to other platform users.

2.6 Creator Portfolio Data

Creator accounts (photographers and videographers) may provide a display name, bio, social media links (Instagram, YouTube, TikTok), location, and portfolio images linked to events.

2.7 Advertising & Booking Data

When you purchase an advertising placement (Hero Takeover or Calendar Spot), we collect the campaign content you provide (headlines, images, videos, call-to-action URLs), your acceptance of our advertising terms, and payment references from Stripe. We do not store your card details — these are handled entirely by Stripe.

2.8 Analytics & Usage Data

We automatically collect:

  • Pages you visit and the URL that referred you
  • Impressions and clicks on sponsored placements
  • A random session ID stored in your browser's session storage (ru_sid)
  • Your user ID if you are logged in at the time of an event

This data is retained for 12 months and then automatically deleted.

3. How We Use Your Information

  • To create and maintain your account and provide platform features
  • To display your public profile to other users
  • To show you relevant events and notify you of activity
  • To process advertising bookings and report campaign performance to advertisers
  • To moderate content and enforce our community standards
  • To analyse platform usage and improve the product
  • To comply with legal obligations and resolve disputes

4. Subscription Tiers & Data Access

The features available to you — and therefore the data we collect — depend on your subscription tier:

TierAdditional Data Collected
Free EnthusiastProfile, RSVPs, comments, ratings, garage (up to 3 cars / 3 photos each)
Pro Enthusiast ($12.95/mo)Everything above + unlimited garage, creator portfolio, event creation data
Organisation ($29.95/mo)Everything above + org branding, guest lists (encrypted), invitations, advertising campaign data

Subscription payments are processed by Stripe. We store only your Stripe session and payment intent IDs — never your card details.

5. Sharing Your Information

We do not sell your personal information. We share data only in these circumstances:

5.1 Publicly Visible Information

Your display name, profile photo, bio, garage, events you organise, and any public content you post (comments, photos, ratings) are visible to all visitors of the platform.

5.2 Service Providers

  • Supabase — our database, authentication, and real-time infrastructure provider. Data is stored on Supabase's infrastructure. See Supabase's privacy policy at supabase.com/privacy.
  • Stripe — payment processing for advertising bookings and subscriptions. Your payment data is subject to Stripe's privacy policy at stripe.com/privacy.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect the rights, property, or safety of RevvedUp, our users, or the public.

5.4 Event Collaborators

If you are added as an event collaborator (co-organiser, sponsor, media, etc.), your display name and logo may be publicly shown on the event page. You may contact us to be removed.

6. Cookies & Tracking

We use essential cookies and browser storage to operate the platform. For full details, see our Cookie Policy. A consent banner is shown on your first visit and you may withdraw non-essential consent at any time.

7. Data Retention

  • Account and profile data is kept for as long as your account is active
  • Events and associated data are automatically deleted 12 months after the event date
  • Analytics data (page views, impressions, clicks) is deleted after 12 months
  • Ad booking records are deleted 12 months after the campaign ends or is cancelled
  • On account deletion we will remove your personal data within 30 days, subject to legal retention obligations

8. Data Security

We implement appropriate technical and organisational measures to protect your data:

  • All data in transit is encrypted via HTTPS/TLS
  • Database access is controlled by Row-Level Security policies — users can only access their own data
  • Guest list emails and phone numbers are encrypted at the application layer using AES-256-GCM before storage
  • Authentication is managed by Supabase Auth using industry-standard JWT tokens
  • Passwords are never stored or accessible to RevvedUp

9. Your Rights

Depending on your location (including under Australian Privacy Act 1988, GDPR for EU users, and similar laws), you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — ask us to correct inaccurate or incomplete data
  • Deletion — request deletion of your account and personal data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to certain processing activities (e.g. analytics)
  • Withdraw consent — withdraw cookie consent at any time via our cookie settings

To exercise any of these rights, please contact us via the Contact page. We will respond within 30 days.

10. Children's Privacy

RevvedUp is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of RevvedUp after changes constitutes your acceptance of the updated policy. For significant changes we will notify registered users by email.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please reach out via our Contact page.

Cookie PolicyContact UsBack to Home