Privacy Policy
ReplyLoop ("us", "we", or "our") operates the replyloop.co website (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
Scope
This Privacy Policy explains how ReplyLoop (“we,” “us,” “our”) collects, uses, stores, and shares information when you use our website at replyloop.co and our application. It also discloses our handling of Google user data obtained via Google APIs and the OAuth consent process, as required by Google’s policies.
What we collect
A) Information you provide
• Account and profile details (e.g., name, email) you enter in the app.
• Support requests, feedback, or content you upload.
B) Automatic data
• Log and device info (browser type, IP, timestamps).
• Usage analytics (events, performance).
[Name your analytics tool or state “no analytics”].
C) Google user data (via OAuth)
If you choose to connect a Google account, we request the following OAuth scopes. You will see the requested scopes on Google's consent screen before you connect.
gmail.send — Allows ReplyLoop to send emails on your behalf. We use this scope to deliver replies and messages that you compose, review, and authorize within the app. We never send emails without your explicit action.
gmail.compose — Allows ReplyLoop to create draft emails in your connected Gmail account. We use this scope to save AI-assisted reply drafts so you can review, edit, and send them at your discretion.
gmail.modify — Allows ReplyLoop to read, organize, and update the metadata of messages in your Gmail account (such as labels, read/unread status, and archiving). We use this scope to triage and categorize your incoming emails, organize messages by property, owner, tenant, and vendor, and track the status of ongoing conversations. This scope also includes the ability to read message content, which we use to classify emails and generate contextual reply drafts based on your Reference Documents.
We request only the minimum scopes necessary to provide the features described above. We do not use your Gmail data for advertising, market research, or any purpose unrelated to the user-facing features of ReplyLoop. All email data is handled in accordance with Google's Limited Use requirements as described in Section 9 of this policy.
How we use data
We use personal data to:
• Provide, maintain, and improve features you choose to use.
• Secure the service, prevent abuse, and troubleshoot issues.
• Provide support and respond to requests.
We do not sell personal information. We do not use Google user data for advertising or for building advertising profiles. Our use is limited to user-facing features that are prominent in the app.
How we share data
Service providers (sub-processors): We may share limited data with vendors that help us host, store, process, or support the service (e.g., cloud hosting, error monitoring). They act on our instructions under contracts that protect your data.
Legal, safety, and compliance: We may disclose information if required by law or to protect rights, safety, and security.
Business transfers: If we undergo a merger, acquisition, or asset sale, we’ll inform you and require successors to honor this Policy or obtain your consent where required.
We do not transfer Google user data to third parties for advertising or marketing.
Storage, security, and retention
Security: We apply access controls, encryption in transit and at rest (where applicable), least-privilege practices, and regular reviews.
Retention: We keep personal data only as long as needed for the purposes above or as required by law. You can request deletion at any time (see “Your choices”). For Google user data, we retain only as long as needed to provide the user-facing feature, per Google’s Limited Use requirements.
Your choices and rights
Connect/Disconnect Google: You can connect or disconnect your Google account in the app at any time. Disconnecting stops new data flows; stored data is handled per “Retention” or your deletion request.
Revoke at Google: You can also revoke our access via your Google Account settings (Security → Third-party access).
Access, edit, delete: Contact us at privacy@replyloop.co or use in-app controls to access, edit, export, or delete your data.
Communications: You can opt out of non-transactional emails.
Contact us
If you have any questions about this Privacy Policy, please contact us:
By email: privacy@replyloop.co
Children's privacy
ReplyLoop is not directed to children under 13, and we don’t knowingly collect data from them. If you believe a child provided data, contact us to delete it.
International transfers
If we transfer data outside your region, we use appropriate safeguards (e.g., contractual clauses) as required by law.
Google API services user data policy and limited use
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. In short, we request the minimum scopes necessary; use data only to provide/improve user-facing features; prohibit unrelated transfers; and restrict human access except with explicit consent, for security, or where required by law.
Sub-processors
We currently use:
• Heroku, hosting and storage
We update this list when vendors change and will reflect updates here.
Changes to this policy
We will keep this Policy up to date with how the app uses Google user data. If we make material changes, we’ll notify you in-app and update the “Effective date” above.
Contact us
Questions or requests: privacy@replyloop.co
