Privacy Policy

Introduction

Welcome to Repliable. We take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our communication intelligence service.

By using Repliable, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (via Clerk authentication)
• Name and profile information
• Authentication credentials (securely managed by Clerk)

1.2 Communication Data

To provide our AI-powered message analysis service, we collect and store:

• Messages: The full text of work messages you choose to analyze
• Context: Background information you provide about situations or relationships
• Profiles: Information about people you communicate with (names, relationships, communication patterns, personal notes)
• Analysis Results: AI-generated response options, ambiguity assessments, and communication insights
• Conversation History: Your message threads and follow-up interactions
• Communication Style Data: Patterns identified from your usage to improve recommendations

1.3 User Preferences

We collect your communication preferences including:

• Preferred tone and response length
• Personal boundaries and availability settings
• Growth goals and personality traits
• Communication strengths and areas to watch

1.4 Automatically Collected Information

• Usage data and analytics (via Vercel Analytics)
• Device information and browser type
• IP address and general location
• Session information and timestamps

2. How We Use Your Information

We use your information to:

• Provide the Service: Analyze messages and generate communication recommendations
• AI Processing: Send message content to Anthropic Claude AI for analysis (see Section 4)
• Personalization: Learn your communication patterns to provide better suggestions
• Account Management: Create and maintain your account, handle authentication
• Communication: Send you service updates, security alerts, and support messages
• Service Improvement: Analyze usage patterns to improve our AI models and features
• Security: Detect and prevent fraud, abuse, and security incidents

3. Data Storage and Access

3.1 Where Your Data Is Stored

Your data is stored in a PostgreSQL database hosted by Supabase (a cloud database provider).

3.2 Who Can Access Your Data

We believe in transparency. Here's who can technically access your data:

3.3 Data Retention

We retain your data for as long as your account is active. You can request deletion at any time (see Section 8).

4. Third-Party Services

4.1 Anthropic Claude AI

When you request message analysis, we send your message content, profile context, and conversation history to Anthropic's Claude AI model. This processing happens in real-time and is necessary for our service to function.

What Anthropic receives: Message text, sender profiles, communication context, your preferences

What Anthropic does NOT receive: Your email, account details, or unrelated messages

Anthropic's data handling is governed by their privacy policy. According to Anthropic, they do not use customer data to train their models without explicit consent.

4.2 Clerk (Authentication)

User authentication is managed by Clerk. They handle login credentials, session management, and account security. Clerk's data practices are governed by their privacy policy.

4.3 Vercel Analytics

We use Vercel Analytics for privacy-friendly usage analytics. This helps us understand how users interact with our service. Vercel Analytics does not use cookies and does not track users across sites.

5. Data Security

We take your privacy and data security extremely seriously. We implement multiple layers of protection:

5.1 Encryption at Rest (AES-256-GCM)

5.2 Additional Security Measures

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using HTTPS/TLS
• Authentication: Secure user authentication via Clerk with industry-standard protocols
• Database Security: Row Level Security (RLS) policies to prevent unauthorized data access
• Access Controls: Limited administrative access with logging and monitoring
• Regular Updates: We keep our software dependencies up-to-date with security patches

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Cookies and Tracking

We use minimal cookies and tracking:

• Authentication Cookies: Required to keep you logged in (managed by Clerk)
• Session Cookies: Temporary cookies for app functionality
• Analytics: Privacy-friendly analytics via Vercel (no personal tracking)

We do not use third-party advertising cookies or cross-site tracking.

7. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may disclose your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information
• Service Providers: Third-party services necessary for operation (Supabase, Anthropic, Clerk) as described in Section 4
• Legal Requirements: If required by law, court order, or government request
• Safety and Security: To protect against fraud, security threats, or illegal activity
• Business Transfers: In the event of a merger, acquisition, or sale of assets (with notice to users)

8. Your Rights and Choices

You have the following rights regarding your personal data:

8.1 Access and Portability

You can access all your data through the Repliable app. To request a complete export of your data, contact us.

8.2 Correction

You can update your profile information, preferences, and communication data directly in the app.

8.3 Deletion

You can delete individual profiles, messages, or your entire account at any time. Deleted data is permanently removed from our systems. Note that some backup copies may persist for a limited time (typically 30 days) before permanent deletion.

8.4 Opt-Out

You can opt out of non-essential communications through your account settings.

8.5 GDPR Rights (EU Users)

If you are in the European Economic Area, you have additional rights under GDPR including:

• Right to data portability
• Right to object to processing
• Right to restrict processing
• Right to lodge a complaint with a supervisory authority

8.6 CCPA Rights (California Users)

California residents have the right to:

• Know what personal information is collected
• Know if personal information is sold or disclosed (we do not sell data)
• Opt-out of the sale of personal information (not applicable)
• Access and delete personal information
• Non-discrimination for exercising CCPA rights

9. Children's Privacy

Repliable is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Users

Your information may be transferred to and processed in the United States or other countries where our service providers operate. By using Repliable, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of Repliable after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

For data deletion requests, account issues, or privacy concerns, please include "Privacy Request" in your email subject line for faster processing.