Privacy Policy

Last updated April 19, 2026

This Privacy Policy explains how ReplyFront ("we", "us") collects, uses, shares, and protects personal data when you visit our websites, use our SaaS dashboard, embed our widget on your storefront, or otherwise interact with our services (collectively, the "Service"). It applies to two distinct categories of people:

  • Merchants — owners and team members of accounts on our platform.
  • End customers — visitors who chat with the widget on a merchant's storefront.

1. Data we collect

From merchants

  • Account info: name, email, hashed password, profile preferences.
  • Billing info: company name, billing address, last 4 digits of the payment method (handled by Stripe — we never see full card numbers).
  • Usage data: pages visited, features used, IP address, browser, timestamps.
  • Integration credentials: encrypted API tokens for connected stores and channels.

From end customers

  • Conversation content (messages, attachments) you exchange with the widget.
  • Identifiers the merchant chooses to attach (email, phone, customer ID) to enable order lookup or personalisation.
  • Technical data: IP, user agent, referring URL, anonymous session identifier.

End-customer data is processed on behalf of the merchant. The merchant is the data controller; we are the processor. See our DPA for details.

2. How we use data

  • To provide, maintain, and improve the Service.
  • To generate AI replies (we send conversation context to the AI provider configured for the workspace).
  • To send transactional emails (verification, password reset, billing receipts, security alerts).
  • To detect, prevent, and respond to abuse, fraud, security incidents, and policy violations.
  • To comply with legal obligations.
  • With merchant consent, to send product update emails (you can unsubscribe at any time).

3. Legal bases (GDPR)

If you are in the EEA, UK, or Switzerland, our legal bases for processing are:

  • Contract — performing our agreement with merchants.
  • Legitimate interests — operating, securing, and improving the Service.
  • Consent — for optional marketing emails, non-essential cookies, and certain features.
  • Legal obligation — tax, accounting, and law-enforcement requests.

4. How we share data

We do not sell personal data. We share with:

  • Sub-processors: infrastructure (Hetzner / our VPS provider), email (Resend), payments (Stripe), AI inference (OpenAI, Anthropic), error monitoring (Sentry, when enabled). A current list is at /legal/subprocessors.
  • Channel partners: Shopify, Meta (Messenger / Instagram), WhatsApp Cloud API — only when the merchant connects those channels.
  • Authorities: when required by valid legal process and consistent with applicable law.
  • Acquirers: in connection with a merger, acquisition, or asset sale, with notice to you.

5. International transfers

Personal data may be processed outside your country, including in jurisdictions that do not offer the same level of data protection. Where required, we rely on Standard Contractual Clauses or other lawful transfer mechanisms.

6. Retention

  • Active workspace data: retained for the lifetime of the account.
  • Conversation transcripts: retained per the merchant's configured retention setting (default: indefinitely while the workspace is active).
  • Billing records: retained as required by tax laws (typically 7-10 years).
  • Backups: retained for up to 30 days.
  • Deleted accounts: personal data is purged within 30 days, except as required by law.

7. Your rights

Depending on where you live, you may have the right to access, correct, delete, port, restrict, or object to processing of your personal data, and to lodge a complaint with a supervisory authority. Merchants can exercise these rights from their dashboard or by emailing [email protected]. End customers should contact the merchant whose widget they used; we will assist the merchant in responding.

8. Security

We use industry-standard safeguards including TLS in transit, AES-256-GCM encryption at rest for secrets, hashed passwords (Argon2), least-privilege access controls, audit logging, and regular backups. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

9. Cookies

We use a small number of strictly necessary cookies (e.g. session, CSRF) and optional analytics cookies (only with consent). See our Cookie Policy for the full list.

10. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact [email protected] and we will delete it.

11. Changes to this Policy

We may update this Policy. Material changes will be announced via email or in-product notice at least 14 days before taking effect.

Contact

Questions about this document? Email [email protected]. For data subject requests, write to [email protected].