ReplyForMeGet Started

Privacy Policy

Last updated: June 15, 2026

Plain-English Summary

ReplyForMe uses your Google Business Profile data only to provide the service you signed up for — connecting locations, reading reviews, generating replies, and posting those replies when enabled. We do not sell your Google Business Profile data or review data.

The rest of this page explains exactly what we collect, why, and who we work with — in plain language. Questions or a deletion request? Email support@replyforme.ai.

What ReplyForMe Does

ReplyForMe connects to your Google Business Profile, reads your reviews, uses AI to draft personalized replies, and — when you enable it — posts those replies for you. To make that work, we need to collect and process some information, which we describe below.

Google Business Profile Access

When you connect your Google account, we access your Google Business Profile data to provide the core features of the Service: connecting your locations, reading your reviews, generating replies, and posting or removing replies on your behalf.

We request the business.manage scope, which lets us read your locations, read reviews, and post, update, and delete review replies (the last one powers the undo feature). We use this access only to provide the features you signed up for — nothing else.

Posting Replies on Your Behalf

When you turn on autopilot or approve a drafted reply, you authorize us to post, update, or remove that reply on your connected locations. You control these settings and can change them anytime.

Data We Collect

  • Account & profile — your Google account email and basic profile info used to sign you in
  • Google identifiers & OAuth tokens — used to keep your Google Business Profile connected (stored server-side, never exposed to your browser)
  • Google Business Profile data — your account and location details, including business names and addresses
  • Reviews & replies — review text, ratings, reviewer display names and timestamps from Google, and the replies we generate and post
  • Settings & business context — your tone, autopilot, and notification preferences, plus any business context you add (like category, services, and reply guidance)
  • Billing metadata — your Stripe customer ID, subscription status, plan, location count, and trial status (not your card details)
  • Email metadata — records of the notification and reminder emails we send you, such as type, recipient, and status
  • Usage, log & security data — technical and security information generated as you use the Service
  • Support messages — anything you send us when you reach out for help

How We Use Data

We use this information to provide, secure, improve, and support ReplyForMe. In practice, that means we:

  • Sign you in and operate your account
  • Connect and manage your Google Business Profile locations
  • Read new reviews and generate replies
  • Post, update, or remove replies based on your settings
  • Send review notifications and setup reminder emails
  • Process your billing and subscription through Stripe
  • Keep the Service running, secure, and debuggable
  • Respond when you contact support

AI-Generated Review Replies

We use AI providers to help generate review replies. To write a reply, we send the review text and rating, the reviewer's public display name, your business name and location, and the business context you've provided (like category, services, and tone) to our AI provider (currently Google Gemini) — solely to generate that reply.

We don't send your OAuth tokens, password, or payment information to the AI provider, and we don't sell your Google Business Profile data or review data. The AI provider processes the data it receives under its own terms to generate the reply.

Data We Do Not Sell

We do not sell your Google Business Profile data or review data — ever. We also don't use your data for advertising. We share information only with the service providers listed below, and only as needed to run ReplyForMe.

Who We Share Data With

We share information with these service providers only as needed to operate the Service. Each has its own privacy policy.

  • Google APIs / Google Business Profile — to read reviews and post replies
  • Google Gemini — our AI provider for generating replies (receives the data described above)
  • Stripe — payment processing (receives your email and payment details)
  • Resend — sends your notification and reminder emails (receives your email address and email content)
  • Supabase — database hosting (stores application data)
  • Vercel — application hosting

Payment Information

Stripe handles payments for us. Your full payment card details are collected and stored by Stripe, not by ReplyForMe. We only keep billing metadata like your Stripe customer ID and subscription status.

How We Protect Your Data

  • OAuth tokens are stored server-side and never exposed to your browser
  • We use encrypted session cookies and serve everything over HTTPS
  • Data is stored with reputable infrastructure providers, and access to production systems is limited to authorized people

We use encrypted session cookies and reasonable security safeguards to protect your information. No system is ever completely secure, so we can't promise absolute security — but we take this seriously.

Data Retention and Deleting Your Data

We keep your information for as long as needed to provide the Service and for legitimate purposes like meeting legal obligations, resolving disputes, maintaining security, and keeping business records. In practice:

  • When you disconnect Google or delete your account, we take steps to remove or disable your stored access credentials within a reasonable period
  • We keep review data and reply history only as long as needed to provide the Service and for record-keeping, and remove it when it's no longer needed
  • Billing records may be kept as required for tax and accounting
  • You can ask us to delete your data anytime by emailing support@replyforme.ai, and we'll honor valid requests

Revoking Access and Your Choices

You're in control. You can disconnect ReplyForMe and revoke our access anytime through your Google Account permissions at myaccount.google.com/permissions (this will limit or disable the Service). You can also request a copy or deletion of your data, or cancel your subscription, at any time.

Google API Limited Use

ReplyForMe's use of information received from Google APIs follows the Google API Services User Data Policy, including its Limited Use requirements. In short: we use Google data only to provide and improve user-facing features of ReplyForMe, and we never sell it.

Children's Privacy

ReplyForMe is a tool for businesses, not for children, and isn't directed to anyone under 18.

Changes to This Policy

We may update this policy from time to time. If we make a material change, we'll let active users know by email.

Contact Us

For any privacy question or request — including deleting your data — email us at support@replyforme.ai.