Privacy Policy

Last updated: May 4, 2026

1. Introduction

This Privacy Policy describes how Replydesk ("we", "us") collects, uses, and protects your personal information when you use our AI support drafting software.

2. Information We Collect

Account information: email address, encrypted password, display name.

Support content: ticket threads, customer messages, existing drafts, policy notes, and workflow instructions that you submit for processing.

Usage data: workflow counts, timestamps, authentication events, and security metadata including IP address and user agent.

Payment information: processed entirely by our third-party payment provider — we only store subscription status and the customer ID assigned by the payment provider. We never see or store your card details.

Technical data: browser type, device type, referrer (if any), cookies for authentication.

3. How We Use Information

  • Provide and operate the Service
  • Generate drafts, summaries, API responses, and other requested outputs
  • Process payments through our payment provider
  • Enforce usage limits per your plan
  • Detect and prevent abuse, fraud, and security threats
  • Send essential service emails (receipts, security alerts)
  • Improve our support drafting workflows and user experience (anonymized data only)

4. Data Sharing

We do not sell personal information. We share data only with:

  • Payment provider — payment processing, billing, and tax compliance
  • Cloud providers — infrastructure hosting (encrypted at rest)
  • AI model providers — prompts and support context are sent to model APIs to produce the requested outputs
  • Legal authorities — when required by law

5. Data Retention

Account data is retained while your account is active. Support content and workflow history are retained while needed to operate your workspace and are deleted when you delete your account, unless a longer retention period is required by law. Payment records are kept for 7 years per legal requirements.

6. Your Rights

Subject to applicable law, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in a portable format
  • Object to processing
  • Withdraw consent at any time

You can delete your account from the dashboard. To exercise any other privacy rights, email privacy@replydesk.xyz.

7. Cookies

We use strictly necessary cookies for authentication (JWT refresh tokens) and a language preference cookie (`lang`). We do not use tracking or advertising cookies.

8. Security

We use industry-standard encryption (TLS in transit, encryption at rest), hashed passwords (Argon2id), and rate limiting. Despite our efforts, no system is 100% secure.

9. Children

The Service is not directed at children under 18. If you believe we have collected data from a child, contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy. Significant changes will be announced via email.

11. Contact

For privacy-related questions: privacy@replydesk.xyz

For general service questions: support@replydesk.xyz