renu
Start free
← Back to home

Privacy Policy

Last updated: 19 May 2026

Plain English: we hold the minimum data needed to run Renu. We never sell it. Renu does not process customer payments — your customers pay you directly. You can email us to delete your data any time.

Who we are

Renu is a subscription management platform — a CRM tool that helps small service businesses track their recurring customers. Operated by Renu (the “Service”, “we”, “us”). Our base of operations is Dubai, UAE, and we serve business owners internationally. Questions: info@renu.one.

What we collect

  • From business owners: email, password (hashed), business name, business type, country.
  • From end customers:name, phone number, optional email — entered by the customer when signing up via a business’s shared link.
  • For Renu’s own subscription: we use a payment processor to handle the business owner’s monthly fee for Renu. We never see or store card numbers; the processor handles all card data and we only store their customer + subscription IDs.
  • From end customers (subscribers of our users’ businesses): Renu does not process or store any card or payment information. Customers pay business owners directly via their own arrangements (WhatsApp, bank transfer, cash, etc.).
  • Usage data: standard server logs, page views, IP-derived country for currency display.

How we use it

  • To help business owners manage their recurring customer relationships.
  • To send transactional emails (signup confirmations, account notifications).
  • To detect fraud and abuse.
  • To improve the product (aggregated, never identifying).

Who we share data with

Only the third-party providers required to operate Renu:
  • Supabase — database + authentication
  • Polar.sh / Stripe— payment processing for Renu’s own monthly fee (not used for our users’ customer payments)
  • Resend — transactional email delivery
  • Vercel — hosting + edge network

We do not sell your data. We do not share it with advertisers. We do not use it to train AI models on identifying information.

Your rights

Wherever you live — UAE (PDPL), EU (GDPR), UK (UK GDPR), US (CCPA), Canada (PIPEDA), or elsewhere — you have the right to:
  • Access the data we hold about you
  • Correct inaccurate data
  • Delete your data (subject to legal retention)
  • Export your data in a portable format
  • Object to certain processing

Email info@renu.one with subject “Privacy Request.” We respond within 30 days.

Retention

We keep account data while your account is open. After cancellation we retain transaction records for 7 years to comply with global tax and accounting standards. Marketing data is deleted within 90 days of unsubscribing.

International transfers

Your data may be processed in countries outside your own (commonly the EU, US, or Singapore depending on which provider handles it). We rely on standard contractual clauses and provider-level data protection agreements with Supabase, our payment processor, Resend, and Vercel.

Children

Renu is for businesses. We do not knowingly collect data from anyone under 16. Email us if you believe we have and we’ll delete it.

Changes

If we materially change this policy, we’ll notify active users by email at least 14 days before changes take effect.

Contact

info@renu.one — we read every email.

This document aims to comply with applicable privacy laws (UAE PDPL, GDPR, UK GDPR, CCPA, PIPEDA). It is not legal advice. Consult a lawyer in your jurisdiction for binding guidance.