Last updated: April 6, 2026
ReplyZen.app ("we", "us", "our") operates the replyzen.app website and the ReplyZen AI-powered review management platform. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Service.
By creating an account or using ReplyZen.app, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
When you register, we collect your email address and name. If you sign in via Google OAuth, we receive your Google profile information (name, email, profile picture).
When you connect a review platform (Google Business Profile, Trustpilot, or other supported platforms), we access the following data through the respective platform API:
This data is used solely to display reviews in your dashboard and generate AI-suggested replies. OAuth tokens (access and refresh tokens) are encrypted at rest. You can disconnect a platform account at any time, which will remove all cached data from that platform from our system.
Payments are processed by our third-party payment processors (LemonSqueezy and/or Stripe). We do not store your credit card number, CVV, or full payment details. We only receive transaction confirmations, subscription status, and billing email.
We automatically collect information about how you interact with the Service, including pages visited, features used, reply generation counts, and error logs. This data is used to improve the Service.
With your consent (via the cookie banner), we collect the following analytics data for all visitors:
If you decline cookies via our consent banner, no analytics data is collected. Analytics data is automatically deleted after 90 days.
When you use the AI reply generation feature, the review text is sent to our AI provider (Google Gemini by default, or your chosen BYOK provider). We do not send personal data — only the review text, your chosen tone, and language preferences.
Your data is stored on secure servers located within the European Union. All data is encrypted in transit using TLS/SSL. Sensitive values (API keys, authentication tokens) are encrypted at rest using industry-standard encryption. Access to our infrastructure is restricted and protected by firewall rules and access controls.
While we implement industry-standard security measures, no method of electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the best of our ability.
We share data with the following third-party services only as necessary to provide the Service:
We do not sell, rent, or trade your personal data to any third party for marketing purposes.
We retain your account data for as long as your account is active. Review data is cached locally and synced periodically with connected platforms. When you delete your account (via Settings → Delete Account), all your personal data, connected accounts, reviews, and generated replies are permanently deleted within 30 days.
We may retain anonymized, aggregated data (e.g., total number of replies generated) for analytics purposes, which cannot be used to identify you.
If you are located in the European Economic Area (EEA), the UK, or other jurisdictions with data protection laws, you have the following rights:
To exercise any of these rights, email us at info@replyzen.app. We will respond within 30 days.
Our servers are located within the European Union. When AI reply generation is used, review text may be transmitted to AI providers whose servers may be located outside the EU. These transfers rely on Standard Contractual Clauses or adequacy decisions as applicable. When you use your own API keys (BYOK), data transfers to your chosen AI provider are governed by your relationship with that provider.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify affected users without undue delay and no later than 72 hours after becoming aware of the breach, in accordance with GDPR Article 33. We will also notify the relevant supervisory authority as required by law.
ReplyZen.app uses artificial intelligence to generate suggested review replies. In compliance with the EU AI Act, we disclose that: AI-generated content is clearly labeled as suggestions; no automated decisions with legal effects are made; all AI output must be reviewed and approved by you before publishing. The AI processes only review text, your chosen tone, and language preferences — no personal data is used for AI training.
We use cookies and similar technologies to maintain your session and remember your preferences. We also use browser fingerprinting (a non-cookie tracking method) for analytics purposes, subject to your consent via the cookie banner on first visit. For detailed information, please see our Cookie Policy.
ReplyZen.app is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will delete it promptly.
ReplyZen.app's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email or an in-app notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: