Privacy Policy

Last updated: February 6, 2026

1. Introduction

ReplyOS ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

We collect information in the following ways:

  • Account Information: When you connect via X (Twitter) OAuth, we receive your username, display name, and profile image.
  • Usage Data: Information about how you interact with our service, including AI suggestions generated, replies published, and posts created.
  • Monitored Account Data: We cache public posts from accounts you choose to monitor. This data is refreshed every 24 hours via a shared global cache.
  • Subscription Data: Billing information is processed by Stripe. We store your subscription status, plan, and usage limits but never your payment card details.

3. How We Use Your Information

  • To provide and maintain our service, including Smart Feed, Ghostwriter, and Post Writer
  • To personalize AI-generated reply and post suggestions based on your configured voice, tone, and audience
  • To process subscriptions and manage usage limits
  • To improve our algorithms and service quality
  • To communicate with you about updates and support

4. Data Storage and Security

Your data is stored securely using Supabase infrastructure with Row-Level Security (RLS) enabled. X OAuth tokens are encrypted using AES-256 encryption before storage. We implement industry-standard security measures to protect your information.

5. Third-Party Services

We use the following third-party services:

  • X (Twitter) API: To post replies and tweets on your behalf (write operations only)
  • Anthropic (Claude AI): To generate personalized reply and post suggestions using Claude Sonnet and Haiku models
  • Stripe: To process subscription payments securely
  • Supabase: For authentication and database services

6. Data Retention

We retain your account data for as long as your account is active. Monitored account cache data is refreshed every 24 hours. Sync data uses a 24-hour TTL to prevent redundant updates. You can request deletion of your account and associated data at any time by contacting us.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Revoke X OAuth access at any time through X settings
  • Export your data in a portable format
  • Cancel your subscription at any time from Settings

8. Cookies

We use essential cookies to maintain your session and authentication state. We do not use tracking cookies or third-party advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@replyos.com