This Privacy Policy explains how Empra Consultancy LTD ("we", "us", "our"), operating as ReplyLabs, collects, uses, stores, and protects your personal information when you use our service at replylabs.io and the ReplyLabs Google™ Sheets add-on.
1. Who We Are
ReplyLabs is operated by Empra Consultancy LTD, a company registered in the United Kingdom. We are the data controller for the personal information described in this policy.
Contact for data inquiries: privacy@replylabs.io
General: hello@replylabs.io
2. Information We Collect
2.1 Information You Provide
- Account information: Your name, email address, and password when you sign up (or your Google™ account name and email if you sign up via Google™ OAuth).
- Organization information: Company name and website, provided during onboarding.
- Payment information: Processed by Stripe. We receive your last four card digits, card brand, and billing email. We never see or store your full card number.
- API keys (BYOK): If you choose to bring your own provider keys, they are encrypted at rest using AES-256 and stored in our database. We use them only to make API calls on your behalf.
- Batch inputs and outputs: When you run a batch, the cell values you reference (prompt inputs, URLs to scrape, email addresses to verify) and the results produced (AI outputs, scrape outputs, verification verdicts) are written to our database so that the run can be retried, refunded, or supported. This data is retained for the period described in §6 and then automatically purged.
- Support communications: Any emails or messages you send us.
2.2 Information Collected Automatically
- Usage data: Batch job metadata (type, row count, model used, cost, latency, timestamps, success or failure status). This is retained as account history per §6.
- OAuth state: When you grant ReplyLabs access to your Google™ Sheets, we store an encrypted access and refresh token so that long-running batches can finish in the background after you close the sidebar. Tokens are scoped to your account and revoked when you uninstall or sign out.
- Device and browser information: IP address, browser type, operating system, and device type, for security and abuse prevention.
- Analytics data: Page views, feature usage, and interaction events via PostHog (subject to your cookie consent). You can decline analytics in the cookie banner, in which case we do not load PostHog at all.
- Error data: Application errors and performance metrics via Sentry, used to diagnose and fix bugs. We do not record session replays. Sentry is configured to not send personal identifiers (IP addresses, user IDs) on error reports. Errors capture stack traces and breadcrumbs only.
2.3 Information from Third Parties
- Google™: When you install the add-on or sign in with Google™, we receive your name and email address from your Google™ account.
- Stripe: Payment confirmation, subscription status, and invoice data.
3. How We Use Your Information
We use your information to:
- Provide the service. Process your batch jobs and workflows, manage your account, handle billing, and write results back to your Google™ Sheet.
- Improve the service. Analyze usage patterns to identify bugs and improve features.
- Communicate with you. Send transactional emails (receipts, batch completion alerts, password resets). We do not send marketing emails without your consent.
- Prevent abuse. Detect and prevent fraud, spam, or violation of our Terms.
- Customer relationship management. We sync limited account data to HubSpot, our CRM, to manage our relationship with you, including your name, email, company name, plan type, and usage metrics.
3.1 Legal Basis for Processing (GDPR)
For users in the EEA and UK:
| Purpose | Legal Basis |
|---|---|
| Provide the service | Performance of contract |
| Process payments | Performance of contract |
| Send transactional emails | Performance of contract |
| Analytics and product improvement | Legitimate interest |
| CRM and customer success | Legitimate interest |
| Error tracking and bug fixes | Legitimate interest |
| Marketing communications | Consent |
| Cookie-based analytics | Consent |
4. Cookies and Tracking
4.1 Essential Cookies. We use essential cookies for authentication and session management. These are required for the service to function and cannot be disabled.
4.2 Analytics Cookies. We use PostHog for product analytics. PostHog stores a small amount of data on your device (an anonymous identifier, first-party cookie, with a one-year lifetime) so we can recognize returning users in our usage statistics. We only load PostHog if you accept the cookie banner. If you decline, we never load the PostHog SDK on your device, and no PostHog cookies are written. PostHog data is processed in the United States; international transfers from EU/UK users are covered under Standard Contractual Clauses as described in §9. The full inventory of cookies is published at /cookies.
4.3 No Advertising Cookies. We do not use advertising cookies or tracking pixels. We do not sell your data to advertisers.
5. How We Share Your Information
We share your information only with service providers who process data on our behalf. The categories below are summarized; the canonical, comprehensive list of every subprocessor (provider, role, region, what data they receive) lives at /subprocessors and is updated whenever subprocessors change.
| Category | Purpose | Region |
|---|---|---|
| Database and primary application hosting | Store account, organization, batch, and workflow data | EU (London, UK) |
| Workflow processing infrastructure | Run batch and workflow jobs (AI, scraping, verification) end to end | EU (Germany) |
| Payments | Subscription billing and prepaid balance recharges | US / EU |
| AI inference | Generate AI step outputs from your prompts | US / EU (provider-dependent) |
| Web scraping | Fetch and extract content from URLs you provide | US / EU (provider-dependent) |
| Email verification | Check deliverability of email addresses you submit | EU |
| Transactional email | Send signup, billing, and batch completion emails | US |
| Analytics and error reporting | Product analytics (with consent), error tracking, uptime monitoring | US / EU |
| CRM and internal operations | Customer relationship management and operational notifications to our team | EU / US |
We do not sell, rent, or trade your personal information to third parties.
5.1 BYOK Data Processing. When you bring your own API key for an AI, scraping, or verification provider, the API call to that provider is made under your account and your contract with the provider. ReplyLabs still orchestrates the request (routing, retries, cost accounting, writing results back to your sheet) and logs operational metadata such as model, token counts, latency, and cost class. We do not log the content of your prompt or the provider's response in the BYOK path. Your key is stored encrypted at rest and is never shown to other teammates.
5.2 Law Enforcement. We may disclose your information if required by law, court order, or governmental authority. We will notify you where legally permitted.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and organization information | Until you delete your account |
| Batch and workflow metadata (row counts, costs, timestamps, success/failure status) | Until you delete your account |
| Batch row content (prompt inputs, AI outputs, scrape outputs, verification verdicts) | 30 days from completion, then automatically purged |
| Payment records | 7 years (UK tax compliance) |
| API keys (BYOK) | Until you remove them or delete your account |
| Analytics data (PostHog) | 12 months |
| Error logs (Sentry) | 90 days |
| Server logs and request logs | 30 days |
Account deletion removes all of the above except payment records (which we are legally required to retain for tax purposes) and any anonymized aggregates that no longer identify you.
Note on backups. The retention periods above apply to the live database. Our database provider takes encrypted backups for disaster recovery, which may retain content beyond the live retention window per their standard backup schedule. We do not access or process backup content except to restore service after an incident.
7. Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption in transit: all data transmitted over HTTPS/TLS.
- Encryption at rest: BYOK API keys encrypted using AES-256; database encrypted via our database provider's infrastructure.
- Access control: role-based access within your workspace; admin-only billing controls.
- Authentication: secure password hashing via our auth provider; optional Google™ OAuth.
- Input validation: all API inputs validated using schema validation.
- Rate limiting: API endpoints rate-limited to prevent abuse.
- Secret redaction: credentials, BYOK keys, and bearer tokens are redacted from error logs and analytics events before transmission.
- Infrastructure: hosted on SOC 2 Type II infrastructure providers.
No system is 100% secure. If we discover a data breach that affects your personal information, we will notify you and the relevant supervisory authority in accordance with applicable law.
8. Your Rights
8.1 For All Users
You have the right to:
- Access your personal data (view your profile, usage history, and billing on the dashboard).
- Correct inaccurate data (edit your profile in Settings).
- Delete your account and associated data (from Settings > Delete Account).
- Export your data (your spreadsheet data is already in Google™ Sheets; usage history is viewable on the dashboard).
8.2 Additional Rights for EEA/UK Users (GDPR)
Under GDPR, you also have the right to:
- Restrict processing of your data in certain circumstances.
- Object to processing based on legitimate interest.
- Data portability (receive your data in a structured, machine-readable format).
- Withdraw consent for analytics cookies at any time. You can revisit your cookie consent in two ways: (1) click "Cookie preferences" in the footer of any page; or (2) sign in and go to Settings → Privacy and click "Manage cookie preferences." Your previous decision will clear and the cookie banner will reopen so you can change your choice.
- Lodge a complaint with a supervisory authority (in the UK, the Information Commissioner's Office).
To exercise any of these rights, email privacy@replylabs.io. We will respond within 30 days.
8.3 California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Opt out of the sale of personal information (we do not sell personal information).
- Non-discrimination for exercising your privacy rights.
9. International Data Transfers
Your primary application data is hosted in the United Kingdom (London) and workflow processing runs in the European Union (Germany). Some subprocessors, including certain AI inference providers, analytics, error tracking, and transactional email providers, are based in the United States. Where data is transferred outside the EEA/UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, adequacy decisions where applicable, and the data processing agreements of our service providers. The per-provider region is published at /subprocessors.
10. Children's Privacy
ReplyLabs is not intended for use by anyone under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child, we will delete it promptly.
11. Google™ API Services User Data Policy
ReplyLabs' use of information received from Google™ APIs adheres to the Google™ API Services User Data Policy, including the Limited Use requirements. Specifically:
- We request the OAuth scopes our extension needs to function. The Google™ Sheets add-on uses scopes such as spreadsheets.currentonly for in-sidebar reads of the active spreadsheet, script.container.ui to display the sidebar, script.external_request to communicate with our servers, and userinfo.email + userinfo.profile to identify you.
- To complete long-running batches after you close the sidebar, ReplyLabs operates a separate server-side OAuth Web Application client that asks for the spreadsheets scope only. You see and approve this consent screen explicitly when you first enable background completion. The server-side token is stored encrypted in our database, is scoped to your account, and can be revoked at any time from your Google™ Account settings or from the Settings page in our dashboard.
- We only read from and write to spreadsheets you have explicitly initiated batches from in our sidebar. We never enumerate, list, or read any other spreadsheet in your Drive.
- Spreadsheet IDs and active row ranges are retained for the duration of an in-flight batch. Row content (prompt inputs and produced outputs) is retained for up to 30 days from completion for retry, refund, and support purposes, then automatically purged.
- We do not use Google™ user data for advertising purposes, profiling, or to train AI models. Every AI inference request we route on your behalf is sent with a per-request flag instructing the provider not to train on the prompt or response. BYOK customers who choose to bring keys for providers that permit training would be acting under their own agreement with that provider, outside ReplyLabs' default routing.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the dashboard. The "Last Updated" date at the top reflects the most recent revision.
13. Contact Us
For privacy-related inquiries, data requests, or complaints:
Empra Consultancy LTD
Email: privacy@replylabs.io
General: hello@replylabs.io
Website: replylabs.io
For UK data protection concerns, you may also contact the Information Commissioner's Office (ICO).