Privacy Policy

ReplyCorp Privacy Policy

Effective Date: June 1, 2025

ReplyCorp ("we", "us", or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use any of the software, services, websites, or applications we provide (the “Services”), including but not limited to our engagement platform, ReplyPoints.

This policy applies to all current and future Services offered by ReplyCorp, unless those Services are governed by a separate or supplementary privacy policy. If you do not agree with this policy, please do not use the Services.

1. Information We Collect

We collect both personal data and non-personal public data in order to provide and improve the Services.

A. Personal Data You Provide

•

Account registration information (e.g., name, email address, organization, billing details)

•

Communications with us (e.g., support requests, feedback)

B. Information We Collect Automatically

•

Engagement data from your connected social media platforms (e.g., likes, shares, comments)

•

Historical engagement data from up to 10,000 past posts (with your permission)

•

Technical data such as IP address, browser type, device information, and usage statistics

C. Information from Third-Party Platforms

•

We access social media APIs (e.g., Twitter/X, Instagram, YouTube) only with your consent

•

We do not collect or store passwords from these platforms

2. How We Use Your Information

We use the information we collect to:

•

Provide, operate, and improve the Services

•

Analyze engagement and calculate points

•

Backfill historical engagement data

•

Offer features such as random weighted giveaways

•

Communicate with you about service updates, support, and billing

•

Ensure platform security and prevent abuse

•

Support internal research and development

•

Enhance other services and future products offered by ReplyCorp, provided such use remains consistent with this Privacy Policy and applicable privacy laws

If additional features involve blockchain integrations or AI-based personalization, we will provide you with separate terms and request consent where required.

3. Data Ownership and Public Content

Some of our Services, such as ReplyPoints, involve processing public engagement data from third-party social media platforms (e.g., likes, shares, comments). This content is derived from publicly available information and is not considered proprietary user data under this policy. It remains subject to the terms of service and ownership rules of each respective platform.

We do not claim ownership of this content. Our use of it is solely for the purposes of providing the Services, in compliance with platform APIs, permissions, and your consent. By using the Services, you acknowledge that such data remains under the ownership or licensing terms of the original platform or content creator.

While raw engagement data is publicly available, any derived analytics, rankings, or metrics created by the Services (such as loyalty scores or engagement tiers) are proprietary to ReplyCorp and are not subject to user data deletion or export requests, except where applicable by law.

This engagement data is not considered your personal data under applicable privacy laws and cannot be accessed, exported, or deleted under data subject rights.

4. Legal Basis for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

•

Consent: When you authorize integrations with social media platforms

•

Contractual necessity: To provide the Services to you

•

Legal obligations: To comply with applicable laws

•

Legitimate interests: For analytics, service improvement, and fraud prevention

For clarity, “personal data” refers only to information you provide directly to us (such as your name, email address, and billing details), or data generated through your use of the Services in a way that personally identifies you (such as account activity or login history).

It does not include engagement data collected from third-party social media platforms, which is considered public data and is subject to the ownership and licensing terms of each respective platform. Such engagement data is not considered your personal data under this Privacy Policy or applicable law.

You have the right to withdraw consent at any time without affecting the lawfulness of prior processing.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

•

Third-party service providers (e.g., hosting, analytics, payment processors)

•

Law enforcement or regulatory authorities when legally required

•

Affiliates or successors in connection with a merger, acquisition, or asset sale

All third parties are required to uphold confidentiality and implement appropriate data protection safeguards.

6. International Data Transfers

If you access the Services from outside the United States, you understand and agree that your information may be transferred to and processed in the United States or other countries with different data protection laws.

When transferring personal data from the EEA, UK, or Switzerland, we rely on approved mechanisms such as Standard Contractual Clauses or other legal safeguards.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this policy or to comply with legal obligations.

Where not otherwise specified, we retain account-level data for up to 30 days following account deletion or contract termination, unless otherwise required by law.

You may request deletion of your data by contacting us (see Section 12).

8. Your Rights Under GDPR

If you are located in the EEA, UK, or Switzerland, you have the right to:

•

Access the personal data we hold about you

•

Request correction or deletion of your data

•

Object to or restrict certain types of processing

•

Request portability of your data

•

File a complaint with your local data protection authority

To exercise any of these rights, please contact us at: privacy@replycorp.io

8A. Your California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the right to:

•

Know what personal information we collect, use, disclose, or sell

•

Request deletion of your personal information

•

Opt out of the sale or sharing of your personal information (Note: we do not sell your personal data)

•

Correct inaccurate personal information

•

Limit use and disclosure of sensitive personal information (if collected)

To exercise your rights under CPRA, please contact us at: privacy@replycorp.io

9. Security Measures

We implement technical and organizational security measures to protect your data, including:

•

Encryption during transmission and storage

•

Role-based access controls

•

Secure infrastructure and data centers

However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute protection.

10. Children's Privacy

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the Services. Continued use of the Services after such changes constitutes your acceptance of the revised policy.

The date of the last revision will always appear at the top of this policy.

12. Contact Us

For questions or concerns regarding this Privacy Policy or your personal data, please contact us:

ReplyCorp
30 North Gould Street, Suite R
Sheridan, WY 82801

Email (Support): support@replycorp.io

Email (Privacy): privacy@replycorp.io