ReplyForMe.aiGet Started

Privacy Policy

Last updated: February 4, 2026

Overview

ReplyForMe (“we”, “our”, “us”) operates replyforme.ai. This policy explains how we collect, use, and protect your information when you use our service.

What We Collect

When you connect your Google Business Profile, we access and store:

  • Google account email address — to identify your account
  • OAuth tokens — to maintain your connection to Google Business Profile (encrypted at rest)
  • Business location data — names and addresses of your Google Business Profile locations
  • Google reviews — review content, ratings, and reviewer display names for your connected locations
  • Review replies — replies we generate and post on your behalf

We do NOT collect:

  • Passwords
  • Payment card numbers (payments processed by Stripe)
  • Personal data about your customers beyond what appears in public Google reviews

How We Use Your Data

We use your data solely to:

  • Read new Google reviews for your connected locations
  • Generate and post review replies according to your settings
  • Send you email notifications about new reviews and replies
  • Provide monthly insight reports on review trends

We do NOT:

  • Sell your data to third parties
  • Use your data for advertising
  • Share your data with anyone except as needed to provide the service (e.g., Google APIs, email delivery)

Google API Scopes

We request the business.manage scope, which allows us to:

  • Read your business locations
  • Read reviews on your locations
  • Post replies to reviews on your behalf
  • Delete review replies (for the undo feature)

You can revoke access at any time through your Google Account settings at https://myaccount.google.com/permissions.

Data Storage & Security

  • Data is stored in secure, encrypted databases (Supabase/PostgreSQL)
  • OAuth tokens are stored server-side and never exposed to the browser
  • We use HTTPS for all data transmission
  • Access to production systems is restricted to authorized personnel

Data Retention

  • We retain your data for as long as your account is active
  • If you disconnect your Google account or cancel your subscription, we delete your stored tokens within 30 days
  • Review data may be retained for up to 90 days after account closure for record-keeping, then deleted

Third-Party Services

We use the following third-party services:

  • Google Business Profile API — to read reviews and post replies
  • Stripe — for payment processing
  • Supabase — for database hosting
  • Vercel — for application hosting

Each has their own privacy policy governing their handling of data.

Your Rights

You can:

  • Request a copy of your stored data
  • Request deletion of your data
  • Disconnect your Google account at any time
  • Cancel your subscription at any time

Contact us through the form on our website for any privacy-related requests.

Children's Privacy

ReplyForMe is a business tool and is not intended for use by anyone under 18.

Changes to This Policy

We may update this policy from time to time. We will notify active users of material changes via email.

Contact

For questions about this privacy policy, contact us through the form on our website.