ReplyReady

Privacy Policy

Last updated: June 28, 2025

1. Introduction

Welcome to ReplyReady ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our email productivity services. ReplyReady helps you prioritize emails, summarize messages, and draft replies via Gmail integration and AI processing.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller for your personal information is ReadyReplyHQ, operating ReplyReady. For privacy-related inquiries, contact us at readyreplyhq@gmail.com.

3. Information We Collect

3.1 Account Information

When you sign up via Google OAuth, we collect:

  • Email address (primary identifier)
  • Name and profile image (from Google)
  • Account preferences and settings

3.2 Email Data

To provide our service, we collect and store:

  • Email metadata (sender, subject, date, snippet)
  • Email body text (sanitized, limited to 20,000 characters)
  • Gmail OAuth tokens (encrypted at rest)

3.3 Payment Information

Payment processing is handled by Stripe. We do not store payment card details or banking information on our servers.

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Consent: Where you have agreed (e.g. analytics, non-essential processing)
  • Contract: To provide our email productivity services
  • Legitimate interest: Security, fraud prevention, and service improvement
  • Legal obligation: To comply with applicable laws

5. How We Use Your Information

We use your data to:

  • Authenticate and maintain your account
  • Sync, organize, and prioritize your emails
  • Generate AI-powered summaries, categorizations, and reply drafts
  • Provide daily digests and customer support
  • Process payments via Stripe and send service updates

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Third-Party Services and Data Sharing

We use the following third-party services. Their privacy policies apply:

  • Google OAuth: Authentication only. We access your email, name, and profile picture. Subject to Google's Privacy Policy.
  • Stripe: Payment processing and subscriptions. We receive payment status only. Subject to Stripe's Privacy Policy.
  • OpenAI: AI processing for summaries and reply drafts. Email content is sent to OpenAI solely to provide these features. Subject to OpenAI's Privacy Policy.

7. Data Retention

  • Account and email data: retained until you delete your account or disconnect Gmail
  • Payment data: retained by Stripe according to their policies

8. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restrict processing: Limit how we use your data
  • Data portability: Receive your data in a structured format
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent

To exercise these rights, contact us at readyreplyhq@gmail.com. We aim to respond within 30 days.

9. Data Security

We use industry-standard measures including:

  • OAuth tokens encrypted with AES-256-GCM before storage
  • Limited and sanitized email body storage; we do not log raw bodies
  • HTTPS for all data transmission

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

10. International Data Transfers

Your data may be processed in countries outside the European Economic Area (e.g. by OpenAI, Stripe). We ensure appropriate safeguards (e.g. adequacy decisions, standard contractual clauses) where required.

11. Cookies and Tracking

We use essential cookies for authentication and functionality. Analytics cookies may be used with your consent. You can manage cookie preferences in your browser settings.

12. Children's Privacy

Our services are not intended for anyone under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or the law. We will notify you of material changes (e.g. by email) and update the "Last updated" date. Continued use of our services after changes constitutes acceptance.

14. Contact Information

For questions, to exercise your rights, or to request account deletion:

15. Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority. You may also contact us at readyreplyhq@gmail.com so we can try to resolve the issue.