1. Who we are
The Service is operated by the operator of ReputeAI, based in Cyprus ("we", "us", "our"). Contact: privacy@repute-app.com.
2. Scope
This Privacy Policy explains how we collect, use, disclose, and protect personal data when:
- you visit our website,
- you create and use an account,
- you connect a Google Business Profile and manage reviews through the Service.
3. Important B2B / multi-tenant note (Controller vs Processor)
The Service is designed for business use. Depending on how you use the Service:
- We act as a controller for account, billing, and website data (e.g., your email, login events, subscription status).
- We may act as a processor when we process customer content (e.g., Google Business Profile reviews) on behalf of a tenant (business customer). In such cases, the tenant is the controller.
If you are an end customer of a tenant and want to exercise data rights, please contact the relevant business first. We can assist the tenant where applicable.
4. Data we collect
A) Account and profile data
Name (optional), email, password hash (if applicable), authentication identifiers. Company/tenant information you provide.
B) Google Business Profile data (connected accounts)
When you connect Google Business Profile, we may process and store: location identifiers, name, address; reviews including rating, publication date, review text, and author name (or "Anonymous"); owner replies (drafted and published) and timestamps; access tokens / refresh tokens or similar credentials required to access Google APIs.
C) AI generation inputs and outputs
We may process: review text and rating; detected language and sentiment classification; brand settings you configure (e.g., business description, tone, signature); AI-generated drafts and edit history.
D) Technical and usage data
IP address, device/browser data, logs, timestamps, and actions performed in the Service. Session cookies required for authentication.
E) Billing data
If you subscribe, payments are processed by Stripe. We receive limited billing metadata (e.g., subscription status, plan, billing history identifiers). We do not store full card details.
5. Purposes and legal bases (GDPR)
We process personal data for:
- Providing the Service (contract): create accounts, sync reviews, generate drafts, publish replies.
- Security and abuse prevention (legitimate interests): protect accounts, prevent fraud and misuse.
- Billing and compliance (legal obligation / contract): payments, invoices, accounting.
- Service improvement (legitimate interests): reliability, performance, bug fixing. We do not use customer content to train third-party AI models unless explicitly stated and enabled by you.
6. AI providers and automated processing
We use third-party AI providers to generate draft replies and analyze sentiment/language. This may involve sending review text and related context to those providers.
We implement human oversight: AI outputs are drafts, and publication requires user review/approval.
7. Subprocessors / service providers
We may share personal data with trusted providers who process it on our behalf, such as:
- Google (OAuth and Business Profile APIs)
- Anthropic (text generation)
- Alibaba Cloud / Qwen (text generation)
- DeepSeek (sentiment analysis)
- DetectLanguage (language detection, if configured)
- Stripe (payments and subscriptions)
- Our hosting and infrastructure providers
We only share what is necessary for the relevant purpose and require appropriate safeguards.
8. International transfers
Some providers may process data outside the EEA/UK. Where required, we use appropriate transfer mechanisms such as Standard Contractual Clauses (SCCs) and additional safeguards.
9. Data retention
We keep data only as long as necessary:
- Account data: for the life of the account and a reasonable period thereafter for security/legal purposes.
- Google Business Profile data (reviews/drafts): while your account is active, unless you delete it.
- Backups: we perform at least daily backups and retain them for 30 days (then they are overwritten or deleted).
10. Security
We use reasonable technical and organizational measures to protect data, including access controls, encryption where appropriate, and secure secret management.
11. Your rights (EEA/UK)
Subject to applicable law, you may have the right to: access, rectify, delete, restrict, object, and port your data; withdraw consent where processing is based on consent; lodge a complaint with a supervisory authority.
To exercise rights, contact privacy@repute-app.com. If we are acting as a processor for a tenant, we may redirect you to the tenant.
12. Cookies
We use essential cookies for authentication and session management. We do not currently use marketing cookies.
13. Children
The Service is intended for business use and is not directed to children. We do not knowingly collect personal data from children.
14. Changes
We may update this Privacy Policy from time to time. We will post the updated version on this page and update the effective date.