Privacy Policy

Information We Collect

We collect information you provide directly, such as when you create an account, subscribe to a plan, or contact us for support. This includes:

• Account information (name, email, company, location)
• Billing information (payment method, billing address)
• Review data from your connected Google Business Profile
• Communication history (support tickets, feedback)
• Usage data (features used, responses generated, analytics viewed)

How We Use Your Information

We use collected information to deliver, maintain, and improve OptiReply:

• Provide access to core platform features
• Process payments and manage subscriptions
• Generate AI-powered review responses and insights
• Send transactional notifications and account updates
• Improve product performance and user experience
• Comply with legal obligations

Data Storage & Security

Your data is stored securely on Supabase infrastructure (AWS), which maintains SOC 2 compliance. We implement:

• Encryption in transit (HTTPS/TLS) and at rest
• Role-based access controls
• Automated backups with point-in-time recovery
• Regular security audits and monitoring

Third-Party Data Sharing

We share limited data only with essential service providers:

• Stripe — Payment processing (PCI DSS Level 1 compliant)
• Supabase — Data hosting and authentication (SOC 2 certified)
• Vercel — Application hosting and CDN
• Google Cloud — AI processing and analytics

We do not sell your data to any third party.

Google API & Data

Because OptiReply integrates with Google Business Profile, we follow Google's API policies:

• We access your Google Business Profile data only with your explicit authorization
• We do not use Google data to train public AI models
• You can revoke access anytime in your Google Account settings
• We comply with Google's limited use policies

Your Rights

You have the following rights regarding your personal data:

• Right to access: Request a copy of your data
• Right to correct: Update inaccurate information
• Right to delete: Request deletion of your account and data
• Right to data portability: Export your data in standard format

Submit requests to privacy@seven9it.com. We will respond within 30 days.

Data Retention

We retain your data as long as your account is active and for a reasonable period afterward to satisfy legal obligations:

• Active account data: Retained while account is active
• Deleted account data: Purged within 90 days
• Backup data: Retained on rolling 90-day cycle
• Financial records: Retained for 7 years (tax/legal compliance)

Cookies & Tracking

We use essential cookies for authentication and session management. We do not use tracking cookies or analytics that identify individuals. You can disable non-essential cookies in your browser settings.

Children's Privacy

OptiReply is not directed to children under 13. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information immediately.

Contact

Questions about this Privacy Policy?