BETA
ReplyHero Legal
Back to HomeGo to Dashboard

Legal

Privacy Policy

Effective date: 14 January 2025 — This policy explains how ReplyHero (operated by a South African sole proprietor) processes personal information under POPIA.

What we collect

  • Account data: email address, authentication metadata, subscription status.
  • Business context: business name, industry, tone preferences, FAQs, services, and non-sensitive customer messages.
  • Usage data: reply generation counts, plan limits, device/browser metadata for security.

Processors we use

  • Supabase (hosting, database, authentication)
  • Vercel (application hosting and analytics)
  • OpenAI (processing customer messages to generate replies)
  • Paystack/Stripe (payments and subscription management)

How and why we use data

Data is used to authenticate users, personalize reply suggestions, enforce plan limits, and provide billing. Customer messages are processed by OpenAI only for generating replies and are redacted to remove contact details where possible. We do not use customer content to train our own models.

Retention

Business profiles, FAQs, and message history are stored until you delete them or delete your account. Billing records may be retained as required by South African tax law.

Your rights under POPIA

  • Access: request a copy of your personal information.
  • Correction: update inaccurate details in your profile or onboarding.
  • Deletion: use the in-app delete account tool to erase stored data.
  • Objection: opt out of analytics and marketing; disable non-essential cookies via the banner.

Cookies and tracking

ReplyHero uses essential cookies for authentication and optional analytics cookies (Vercel). You can decline analytics via the cookie banner. See the Cookie Notice for details.

Data sharing and transfers

Data is stored primarily in Supabase (EU) and processed by OpenAI (global) to provide suggestions. Transfers are limited to the minimum necessary fields and are redacted to remove direct identifiers when possible.

Security

  • HTTPS everywhere; secure, HttpOnly, SameSite=Lax cookies.
  • Rate limiting on AI endpoints and strict role-based policies in Supabase.
  • No logging of passwords or sensitive identifiers.

Contact

Information Officer: ReplyHero Support — support@replyhero.co.za

Cookies & analytics

We use essential cookies for authentication and lightweight analytics (Vercel) to improve ReplyHero. You can opt out of analytics at any time.

Cookie NoticePrivacy Policy