Back

Privacy Policy

Last Updated: August 10, 2025

This Privacy Policy explains how Response Andy ("we", "us") collects, uses, and protects information in connection with our website and services at https://responseandy.com (the "Service"). By using the Service, you agree to this Policy.

1) Information we collect
- Account data: name, email, profile image (via Google or email sign‑in).
- Connected accounts: OAuth identifiers and tokens when you link Reddit, X/Twitter, Bluesky, or Mastodon (scopes limited to what you approve).
- App data: discovery queries, leads we save from public posts, reply drafts, and messages you send through the Service.
- Technical data: device info, IP address, cookies/session data, and basic logs for security and debugging.

2) How we use data
- Provide authentication and account management.
- Discover public posts, generate suggestions, and enable sending replies you approve.
- Maintain security, prevent abuse, and debug.
- Communicate important updates (service, security, billing) and optional product updates if you opt in.

3) AI and third parties
- AI providers: if you enable AI suggestions, we send limited text to an LLM provider (e.g., OpenAI) to generate drafts. We do not allow providers to train on your data where we can opt out.
- Infrastructure and services: hosting (e.g., Vercel), database (e.g., MongoDB Atlas), email (e.g., Resend), payments (e.g., Stripe), and platform APIs (Google, Reddit, X/Twitter, Bluesky, Mastodon). Data shared is limited to what is necessary to operate the Service.

4) Data retention
- Account and integration data: kept while your account is active.
- Leads and messages: retained to power your dashboard and history; you can request deletion.
- Logs: typically kept up to 30–180 days unless required for security or legal reasons.

5) Your choices
- Access, export, delete: contact support@responseandy.com to access or delete your data. We will verify requests and respond as required by law.
- Revoke tokens: disconnect platforms in the app to stop further access.
- Cookies: you can control cookies in your browser settings; some features require them.

6) Security
We use industry‑standard measures (encryption in transit, access controls). No method is 100% secure; please protect your account credentials.

7) Children
The Service is not intended for children under 13, and we do not knowingly collect data from them.

8) International transfers
We may process data in the US or other countries. Where required, we use appropriate safeguards for cross‑border transfers.

9) Changes
We may update this Policy from time to time. Material changes will be posted here and may be notified in‑app or by email.

10) Contact
Email support@responseandy.com for privacy questions or requests.