ReviewReplier ("ReviewReplier", "we", "us", "our") is a web application that helps small businesses read and reply to their public reviews on Google and other review platforms. This Privacy Policy describes the information we collect, how we use it, who we share it with, and the choices and rights you have. It also describes how we handle data we receive through Google APIs.
We operate at reviewreplier.app. If you have questions about this policy, contact us at support@reviewreplier.app.
1. Who this policy applies to
This policy applies to anyone who creates a ReviewReplier account, connects a Google Business Profile, or visits our website. ReviewReplier is intended for business owners and managers; it is not directed at children under 16, and we do not knowingly collect data from anyone in that age group.
2. Information we collect
2.1 Account information you provide
Name and email address — used to create your account, authenticate you, and contact you about the service.
Password — stored only as a salted hash; we never see or store your plaintext password.
Business profile — the business name, your reply-voice preferences, and any optional advanced prompt configuration you provide.
2.2 Google account data (received via Google APIs)
When you choose to connect your Google Business Profile, Google asks you to grant ReviewReplier access to the https://www.googleapis.com/auth/business.manage scope. With that permission, we receive and store:
An OAuth refresh token issued by Google, encrypted at rest using AES-256-GCM.
The Google Business Profile account ID and selected location ID for the location you choose to manage.
Reviews on that location: the reviewer's display name (as Google provides it), star rating, review text, timestamps, and any existing reply.
Replies you post through ReviewReplier, sent back to Google on your behalf.
We do not request, fetch, or store any other categories of Google data. We do not access your Gmail, Drive, Calendar, Contacts, Photos, location history, or any other Google product. We do not access information about other Google accounts you may own.
2.3 Content you generate inside ReviewReplier
Reply drafts (whether AI-generated or written by you), and the prompt or voice settings used to produce them.
Reviews you add manually for review platforms we don't yet integrate with directly.
Settings such as autopilot toggles and reply language preferences.
2.4 Technical and diagnostic information
Standard server logs (timestamp, request path, status code, IP address) retained for up to 30 days for abuse prevention and debugging.
Crash and error reports collected via Sentry to help us fix bugs. These may include the URL you were on, the action you were attempting, and a stack trace. We configure Sentry to scrub passwords and tokens.
A single first-party session cookie set by our authentication system. We do not use third-party analytics or advertising cookies.
3. How we use information
We use the information described above only for the purposes that follow. We do not use it for any other purpose.
To provide the service — display your reviews to you, draft replies, and post replies to Google when you ask us to (or when you have enabled autopilot for that location).
To generate reply drafts — review text and your voice configuration are sent to Anthropic's Claude API so the model can produce a draft. See "Service providers" below.
To authenticate you — verify your identity at sign-in and maintain your session.
To communicate with you — send transactional email (account verification, password resets, important service notices). We do not send marketing email without separate consent.
To keep the service safe and reliable — investigate errors, prevent abuse, and improve performance.
To meet legal obligations — comply with applicable law, lawful requests from authorities, and our terms of service.
We do not sell your data. We do not use Google user data for advertising or to build advertising profiles. We do not transfer Google user data to third parties except the limited service providers strictly necessary to operate the features you use, listed below.
4. Google API Services User Data Policy — Limited Use
ReviewReplier's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
We only use Google user data to provide and improve user-facing features that are visible and prominent in ReviewReplier's interface.
We only transfer Google user data to others if necessary to provide or improve user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
We do not use Google user data to serve advertisements, including retargeting, personalised, or interest-based advertising.
We do not allow humans to read Google user data unless: (a) we have your affirmative consent for a specific request; (b) it is necessary for security purposes (such as investigating abuse); (c) it is necessary to comply with applicable law; or (d) the data has been aggregated and anonymised so it cannot be used to identify any individual user.
5. Service providers we share data with
We share the minimum information necessary with the following processors. They act under written agreements that limit them to processing data on our instructions.
Railway (hosting and managed Postgres) — stores all account, business, and Google data described above. Servers operated in the United States.
Anthropic (Claude API, used to draft replies) — receives the text of the review being replied to, your business voice configuration, and the draft prompt. Anthropic states that API inputs are not used to train its models. We do not send your Google OAuth tokens, password, or email address to Anthropic.
Sentry (error monitoring) — receives stack traces and request metadata when an error occurs. We configure Sentry to redact authentication headers, cookies, and password fields.
Better Auth — an open-source authentication library that runs on our own servers. No data is sent to a third party through Better Auth.
Google — when you post a reply through ReviewReplier, we send that reply to Google via the Google Business Profile API so it appears under your review on Google.
We do not share your data with any other third parties for their independent use. We do not sell, rent, or trade personal information.
6. International transfers
ReviewReplier's servers and most service providers are based in the United States. If you access ReviewReplier from the United Kingdom, the European Economic Area, or another region with data-protection laws, your information will be transferred to and processed in the United States. We rely on appropriate safeguards (such as the Standard Contractual Clauses and the EU-US Data Privacy Framework, where applicable) for these transfers.
7. How long we keep data
Account, business, and review data — retained for as long as your account is active.
Google OAuth refresh token — retained until you disconnect Google in Settings or delete your account, whichever comes first. Disconnecting deletes the encrypted token from our database immediately. You can also revoke our access at any time from your Google account permissions page.
Server logs — up to 30 days.
Error reports (Sentry) — up to 90 days, then deleted automatically.
After account deletion — we remove your account and business data from our active systems immediately and from backups within 30 days. We may retain a minimal record of the deletion event for legal and audit purposes.
8. How to delete your data or revoke access
Disconnect Google — open Settings inside ReviewReplier and click "Disconnect" under the Google connection. This wipes the refresh token and stops all access to your Google data.
Delete your account — open Settings → Delete account, confirm with your password, and type DELETE. This removes your account, your business profile, all stored reviews and replies, and any Google connection. This action cannot be undone.
Email request — if you are unable to use the in-app option for any reason, write to support@reviewreplier.app from the email address on your account and we will action the request within 30 days.
9. How we protect your data
All traffic between you and ReviewReplier is encrypted in transit with HTTPS (TLS).
Google OAuth refresh tokens are encrypted at rest with AES-256-GCM. The encryption key is held in our server environment and is not stored alongside the encrypted data.
Passwords are stored as salted hashes (scrypt-based); we cannot recover them.
Database access is restricted to the application server; no third party has direct database access.
Sessions expire after seven days of inactivity.
No system is perfectly secure, and we cannot guarantee absolute security. If we ever experience a data breach affecting your information, we will notify you and the relevant supervisory authority as required by law.
10. Your rights
If you are in the United Kingdom, the European Economic Area, or another region with comparable data-protection laws, you have the right to:
access the personal data we hold about you;
have inaccurate data corrected;
have your data erased ("right to be forgotten");
restrict or object to certain processing;
receive a copy of your data in a portable format;
withdraw consent at any time, where we relied on consent.
To exercise any of these rights, email support@reviewreplier.app. You can also lodge a complaint with the UK Information Commissioner's Office at ico.org.uk or your local data-protection authority.
11. Cookies
We use a single first-party authentication cookie to keep you signed in. We do not use third-party analytics, advertising, or social-media cookies, and we do not embed third-party tracking pixels.
12. Children
ReviewReplier is not intended for children under 16. We do not knowingly collect personal data from anyone in that age group. If you believe a child has provided us with personal data, contact us and we will delete it.
13. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify you by email at the address on your account and post a notice in the app at least seven days before the changes take effect. Continued use of ReviewReplier after the effective date means you accept the updated policy.