Privacy Policy

Effective Date: August 14, 2025

At Replypop, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered WhatsApp assistant platform.

1. Information We Collect

1.1 Account Information

When you create a Replypop account, we collect:

  • Name and email address
  • Business information (business name, type, location)
  • Phone number associated with your WhatsApp Business account
  • Payment information (processed securely through Xendit)
  • Subscription and billing history

1.2 Business Communications Data

To provide our AI assistant service, we process:

  • WhatsApp messages between your business and customers
  • Customer contact information (names, phone numbers)
  • Appointment and booking details
  • Service preferences and history
  • Business hours and availability settings

1.3 Technical Information

We automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (features used, time spent, interaction patterns)
  • Log files and error reports
  • Cookies and similar tracking technologies

2. How We Use Your Information

2.1 Service Provision

  • Process and respond to customer inquiries via AI assistant
  • Manage appointments and bookings
  • Process payments and handle billing
  • Provide customer support and account management
  • Send service-related communications

2.2 Service Improvement

  • Improve AI response accuracy and relevance
  • Develop new features and functionality
  • Analyze usage patterns to optimize performance
  • Conduct research and analytics

2.3 Legal and Security

  • Comply with legal obligations and regulatory requirements
  • Protect against fraud, abuse, and security threats
  • Enforce our Terms of Service
  • Respond to legal requests and prevent harm

3. AI Training and Data Processing

Important Notice:

We may use anonymized and aggregated conversation data to improve our AI models and service quality. However, we do not use identifiable customer data for training external AI systems without explicit consent.

Our AI processing includes:

  • Analyzing message patterns to improve response quality
  • Learning from successful booking interactions
  • Identifying common customer inquiries and preferences
  • Enhancing natural language understanding capabilities

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

4.1 Service Providers

  • Payment processing (Xendit)
  • Cloud hosting and infrastructure providers
  • AI and machine learning service providers
  • Customer support tools

4.2 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights, property, or safety, or that of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement appropriate security measures to protect your information:

  • End-to-end encryption for data transmission
  • Secure data storage with encryption at rest
  • Regular security audits and assessments
  • Access controls and authentication systems
  • Employee privacy and security training

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services and AI models

Message history is retained according to your subscription plan (30 days for Starter, 90 days for Growth, unlimited for Professional). You can request deletion of your data at any time.

7. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal information
  • Update: Correct or update your account information
  • Delete: Request deletion of your personal information
  • Portability: Export your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications
  • Restrict: Limit how we process your information

To exercise these rights, please contact us at privacy@replypop.com.

8. International Data Transfers

Your information may be processed and stored outside of Indonesia, including in countries that may have different data protection laws. We ensure appropriate safeguards are in place to protect your information during international transfers.

9. Children's Privacy

Replypop is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected such information, we will take steps to delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through our service. The updated policy will be effective when posted on our website.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@replypop.com
Data Protection Officer: dpo@replypop.com

Last updated: August 14, 2025
This Privacy Policy is effective as of the date listed above and replaces any prior privacy statements.