Privacy Policy

Last updated: March 2025

1. Introduction

[COMPANY_NAME] (“we,” “us,” or “our”) operates Reviewly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using the Service, you consent to the practices described herein.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name, and authentication credentials. If you sign up through a third-party provider (such as Google), we receive basic profile information as authorized by that provider.

Review Text

When you use the Service, you submit review text for processing. This text is sent to our AI processing service to generate response suggestions. We may retain submitted review text to improve the Service, but we do not publicly share or sell this data.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, response generation frequency, browser type, device information, and IP address.

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number, CVV, or bank account details on our servers. Stripe may collect and store payment information in accordance with their own privacy policy.

3. How We Use Your Data

We use the information we collect to: (a) provide, maintain, and improve the Service; (b) process transactions and manage subscriptions; (c) generate AI-powered review responses based on submitted text; (d) communicate with you about your account, updates, and support; (e) analyze usage patterns to improve user experience; and (f) comply with legal obligations.

4. AI Processing

Review text you submit is processed by Anthropic's Claude API to generate response suggestions. This means your submitted review text is transmitted to Anthropic for processing. Anthropic processes this data in accordance with their own privacy and data handling policies. We recommend reviewing Anthropic's privacy policy for details on how they handle data. We do not send your personal account information (name, email) to AI processing services — only the review text itself.

5. Data Storage

Your account data and application data are stored using Supabase, a cloud database platform. Supabase employs industry-standard security measures including encryption at rest and in transit. Our infrastructure is hosted in the United States.

6. Third-Party Services

We use the following third-party services that may have access to your data:

  • Supabase — Database hosting and authentication
  • Stripe — Payment processing and subscription management
  • Anthropic — AI processing for generating review responses
  • Vercel — Application hosting and deployment

Each of these services has their own privacy policies governing how they handle data. We encourage you to review their respective policies.

7. Cookies

We use cookies and similar technologies to maintain your session, remember your preferences, and analyze usage. For detailed information about our cookie practices, please see our Cookie Policy.

8. Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. Generated responses and submitted review text may be retained for up to 12 months to improve the Service. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention).

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data: (a) the right to access the personal data we hold about you; (b) the right to request correction of inaccurate data; (c) the right to request deletion of your data; (d) the right to data portability; (e) the right to opt out of certain data processing activities; and (f) the right to withdraw consent at any time. To exercise any of these rights, please contact us at [SUPPORT_EMAIL].

10. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

11. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

[COMPANY_NAME]
[ADDRESS]
[SUPPORT_EMAIL]