Privacy Policy

Last updated: March 4, 2026

Hey, thanks for trusting us

We're Reploi — a small team building tools that help local businesses handle their Google reviews faster and better. We know privacy matters to you, so here's a straightforward breakdown of what we collect, why we collect it, and what we do (and don't do) with your information.

Our website is reploi.com. When we say “Reploi”, “we”, or “us” below, we mean the company behind this product.

What we collect (and why)

We only collect what we actually need to run the service for you:

  • Your email and name — so you can log in and we can reach you about your account. That's it.
  • Google Business connection — when you link your Google Business Profile, we store encrypted OAuth tokens so we can pull your reviews and post replies on your behalf. We don't snoop around your Google account for anything else.
  • How you use Reploi — things like how many AI replies you've generated, which plan you're on, and your remaining credits. This helps us keep your account running smoothly and show you accurate usage info.
  • Payment info — Stripe handles all the payment stuff. We never see or store your full card number. Stripe is PCI-compliant and used by millions of businesses worldwide.
  • Basic server logs — your IP address, browser type, and pages you visit. Standard stuff that helps us keep things secure and spot problems.

What we do with your data

Pretty simple list:

  • Run the service — fetching reviews, generating replies, posting them to Google
  • Keep your billing and subscription working
  • Send you important emails (trial reminders, receipts — not spam, we promise)
  • Improve Reploi over time, using aggregated and anonymized data
  • Comply with any legal obligations we have

We never sell your data. Not to advertisers, not to data brokers, not to anyone. Full stop.

How AI replies work

When you ask Reploi to generate a reply, we send the review text to OpenAI's API (they power our AI). The review goes in, a reply comes back. OpenAI doesn't use your data to train their models (we use their API under their business terms). We don't train any models on your reviews either.

You can read OpenAI's privacy policy if you're curious about their side.

Who else touches your data

We work with a handful of trusted services to run Reploi. Here's who and why:

  • Google — to read your reviews and post replies (only when you tell us to)
  • OpenAI — to generate AI reply suggestions (just the review text, nothing personal)
  • Stripe — for billing and payments
  • Supabase — our database provider (your data is stored in the EU)
  • Resend — for sending transactional emails like receipts

That's the full list. No hidden third parties, no ad networks.

How long we keep things

Your data stays around as long as you have an active Reploi account. If you decide to delete your account, we wipe your personal data within 30 days. The only exception is financial records — law requires us to keep those for 7 years (blame the regulators, not us).

Your rights

No matter where you are, but especially if you're in the EU/EEA, you've got rights over your data:

  • See it — ask us for a copy of everything we have on you
  • Fix it — if something's wrong, let us know and we'll correct it
  • Delete it — request that we erase your data
  • Take it — get your data exported in a standard format
  • Say no — object to how we process your data or withdraw consent

Just email privacy@reploi.com and we'll sort it out, usually within a few business days.

Cookies

We keep it minimal. Reploi uses only essential authentication cookies so you stay logged in. That's it — no tracking pixels, no ad cookies, no creepy stuff following you around the internet.

Security

We take this seriously. Your data is encrypted in transit (TLS), your Google OAuth tokens are encrypted at rest, and our database uses row-level security so your data stays yours. We regularly review our setup to make sure it's solid.

If you ever discover a vulnerability, please reach out at security@reploi.com. We appreciate responsible disclosure.

Changes

We might tweak this policy from time to time. If we make a big change, we'll email you about it — we won't quietly sneak anything in. Keep using Reploi after a change and we'll take that as your okay.

Questions?

If anything here doesn't make sense, or you just want to chat about how we handle your data, drop us a line at privacy@reploi.com. We're real people and we'll get back to you.