Legal

Privacy Policy

Effective date: April 2026 · ReplyBase (replybasehq.com)

1. Introduction

ReplyBase ("we", "us", or "our") operates the ReplyBase platform, which provides AI-powered Google review reply management for local businesses. This Privacy Policy explains how we collect, use, and protect your personal information when you use our service.

By using ReplyBase, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following categories of information:

  • Account information: Your email address and password (stored securely via Supabase Auth) when you create an account.
  • Google Business Profile data: When you connect your Google Business Profile, we request access under the business.manage scope. This allows us to read your reviews and post replies on your behalf. We store a Google OAuth refresh token to maintain this access.
  • Review data: We access and process Google reviews associated with your connected business locations to generate AI-powered reply suggestions.
  • Payment information: Billing and subscription data is handled entirely by Stripe. We do not store your card details. We store your Stripe customer ID and subscription status.
  • Usage data: General usage information such as the number of reviews processed and replies generated, used to enforce plan limits and improve the service.

3. How We Use Your Information

We use the information we collect to:

  • Authenticate you and maintain your account securely.
  • Connect to your Google Business Profile and retrieve your reviews.
  • Generate AI-powered reply suggestions using your review content via the Anthropic API (Claude). Review content is sent to Anthropic solely for the purpose of generating replies and is not used to train models.
  • Post approved replies to Google on your behalf when you click Approve & Send, or automatically if you have enabled auto-reply mode.
  • Process your subscription payment and manage billing through Stripe.
  • Send you transactional emails such as new review notifications and account alerts.

4. Google API Usage

ReplyBase integrates with the Google Business Profile API. Our use of data obtained through the Google API complies with the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We only request the business.manage scope, which is the minimum required to read reviews and post replies.
  • We do not use your Google data for advertising or to build profiles for third parties.
  • We do not sell or share your Google data with third parties except as necessary to operate the service.
  • You can revoke our access at any time by disconnecting your Google account from within the ReplyBase dashboard or via your Google Account permissions page.

5. Third-Party Services

We use the following third-party services to operate ReplyBase:

  • Supabase: We use Supabase to store your account data, business connection data, and subscription records. Data is stored securely in a Supabase-managed PostgreSQL database. See Supabase's Privacy Policy.
  • Stripe: We use Stripe to process subscription payments. Your payment card details are handled entirely by Stripe and never stored on our servers. See Stripe's Privacy Policy.
  • Anthropic: Review content is sent to Anthropic's API to generate reply suggestions. See Anthropic's Privacy Policy.
  • Google: We access the Google Business Profile API on your behalf using the permissions you grant during OAuth. See Google's Privacy Policy.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, including your Google OAuth tokens, business profile connections, and account information. Stripe may retain payment records as required by law.

7. Your Rights

You have the right to access, correct, or delete your personal data at any time. You can delete your account from the Settings page in your dashboard. For any data requests, contact us at hello@replybasehq.com.

8. Security

We take reasonable technical and organisational measures to protect your data, including encrypted storage via Supabase, HTTPS for all data in transit, and using the Supabase service role key only in server-side contexts. However, no method of transmission over the internet is 100% secure.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via an in-app notice. Continued use of the service after changes take effect constitutes your acceptance of the updated policy.

10. Contact

For privacy-related questions or data deletion requests, contact us at:

Email: hello@replybasehq.com
Website: replybasehq.com