ReplySentinel

Privacy Policy

Last updated: January 1, 2025

This Privacy Policy explains how ReplySentinel LLC ("ReplySentinel," "we," "us," or "our") collects, uses, and protects your information when you use our Service.

1. Information We Collect

Business Information

  • Business name, address, phone number, and website
  • Google Business Profile Place ID and manager access credentials (OAuth token)
  • Google review content (text, star ratings, reviewer names)
  • Contact name and email address

Payment Information

Payment is processed by Paddle. We do not store credit card numbers or payment details. We retain Paddle customer and subscription IDs for billing management.

Usage Data

  • Dashboard login activity
  • Email open and click events
  • Review reply generation and posting logs

2. How We Use Your Information

  • To provide the Service (monitor reviews, generate and post replies)
  • To send you operational emails (onboarding, alerts, reports)
  • To process billing through Paddle
  • To improve our AI reply quality (aggregated, anonymized data only)
  • To comply with legal obligations

3. Data Storage and Security

All data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure with encryption at rest and in transit. OAuth tokens are encrypted before storage. Access is restricted to authorized personnel only.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Supabase — Database and authentication (supabase.com/privacy)
  • Paddle — Payment processing (paddle.com/privacy)
  • Resend — Email delivery (resend.com/privacy)
  • Google — Business Profile API access (policies.google.com/privacy)
  • Anthropic — AI reply generation (anthropic.com/privacy)
  • Vercel — Application hosting (vercel.com/legal/privacy-policy)

5. Data Retention

We retain your data for as long as your account is active and for 90 days after cancellation. After that period, all personal data is permanently deleted. Review text and replies may be retained in anonymized form for AI improvement purposes.

6. Your Rights

You have the right to:

  • Access your personal data by contacting us
  • Correct inaccurate information in your account
  • Delete your account and all associated data
  • Port your data (reviews and reply history) in JSON format
  • Object to marketing communications at any time

To exercise any right, email privacy@replysentinel.com. We respond within 30 days.

7. GDPR (EU/UK Users)

Our lawful basis for processing B2B contact data is legitimate interest. We maintain Data Processing Agreements with all sub-processors listed above. If you are located in the EU or UK and have concerns about data processing, you may lodge a complaint with your local supervisory authority.

8. CAN-SPAM / Marketing Emails

Cold outreach emails to prospective clients comply with CAN-SPAM: accurate FROM and subject lines, physical address included, one-click unsubscribe honored within 24 hours.

9. Changes to This Policy

We will notify you by email of material changes to this policy before they take effect. Continued use of the Service constitutes acceptance.

10. Contact

ReplySentinel LLC
123 Main Street
Austin, TX 78701
privacy@replysentinel.com