Privacy Policy

This Privacy Policy explains how Repligram collects, uses, stores, and protects information when you use our website, dashboard, APIs, and embedded chatbot tools. By using Repligram, you agree to the practices described in this policy.

For cookie categories and how to change optional cookies, see our Cookie Policy.

1. Data controller

The data controller responsible for personal data described in this policy is Repligram (contact details in section 12). If you use Repligram as a business customer, you may be a controller of your end-users' data when they interact with chatbots you deploy; Repligram typically acts as a processor for that processing, as set out in your agreement with us.

2. Information we collect

2.1 Account and profile data

When you register or use Repligram, we collect information such as your name, email address, authentication identifiers, and basic profile data.

1.2 Workspace and configuration data

We store information needed to operate your workspace, including team membership, chatbot settings, business details, model configuration, and billing-related metadata.

2.3 Content and usage data

We process the content you upload or connect (for example, documents, website URLs, and chatbot instructions), as well as interaction logs, performance events, and service diagnostics.

1.4 Device and technical data

We may collect IP address, browser/device type, approximate location derived from IP, and system logs for reliability, abuse prevention, and security monitoring.

3. How we use information

We use collected information to provide and maintain the service, authenticate users, process subscriptions and payments, detect and prevent fraud or misuse, improve product quality, and communicate service updates, support responses, and policy notices.

4. Legal bases for processing (including GDPR)

Depending on your region, our legal bases may include contract performance, legitimate interests (such as security and product improvement), legal obligations, and consent where required (including optional analytics and marketing tags, which load only if you allow them in our cookie banner).

5. Subprocessors

We use carefully selected service providers to host and operate the product. Depending on your use of Repligram, this may include infrastructure and authentication providers (such as Supabase), payment and billing providers (such as Polar), cloud hosting (such as Vercel), email delivery, and—with your separate consent—analytics or tag management tools (such as Google Analytics, Umami, and Google Tag Manager). A current list is available on request; we will also notify business customers of material subprocessor changes where required by contract.

6. Data sharing and disclosures

We do not sell personal information. We may share information with trusted service providers that support hosting, authentication, analytics, billing, email delivery, and infrastructure operations.

We may also disclose data when required by law, court order, or valid government request, or when necessary to enforce our rights, prevent abuse, or protect users and the public.

7. International transfers

Your data may be processed in countries other than your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) and assess transfer risks where applicable.

8. Data retention

We retain data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and operational need.

9. Security measures

We implement technical and organizational safeguards designed to protect data against unauthorized access, disclosure, alteration, and loss. However, no method of transmission or storage is 100% secure.

10. Your rights and choices

Depending on applicable law, you may have rights to access, correct, delete, restrict, or object to processing of your personal information, and to request portability. You may also withdraw consent where processing relies on consent.

You can submit requests by emailing info@repligram.com. We may need to verify your identity before processing a request.

If you are in the European Economic Area, the United Kingdom, or Switzerland, you may also lodge a complaint with your local supervisory authority for data protection.

11. Cookies and similar technologies

We use strictly necessary cookies for authentication, session management, and security. Optional analytics and marketing technologies are used only after you opt in via the cookie banner. See our Cookie Policy for details.

12. Children's privacy

Repligram is not directed to children under 13 (or the minimum age in your jurisdiction). If we learn that personal data from a child was collected without appropriate consent, we will take reasonable steps to delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date.

14. Contact

If you have questions about this policy, contact us at info@repligram.com.