Privacy Policy

Replai ("we", "us", "our") is a SaaS service operated at joinreplai.com that automates YouTube comment replies using artificial intelligence. Our contact email is privacy@joinreplai.com.

2.1 Account Data (via Google OAuth)

• Full name, email address, and profile picture from your Google account.
• YouTube channel name, channel ID, and subscriber count.
• YouTube OAuth tokens (access token + refresh token) required to read comments and post replies on your behalf.

2.2 Usage Data

• Comments from your YouTube videos (fetched via YouTube Data API v3).
• AI-generated reply suggestions and final replies posted.
• Reply history, including comment text, strategy used, and timestamp.
• Plan tier (Free / Starter / Pro), monthly usage count, and billing events.

2.3 Technical Data

• Browser type and version, operating system.
• IP address and approximate geographic location.
• Log data: pages visited, features used, timestamps.

2.4 Payment Data

We use Stripe for payments. We never store your credit card number — Stripe handles all payment data under their own PCI-DSS compliance.

• To authenticate your account and maintain your session.
• To fetch YouTube comments from your channel via YouTube Data API v3.
• To generate reply suggestions using DeepSeek AI (a third-party AI provider).
• To post approved replies to YouTube on your behalf.
• To track your monthly reply usage and enforce plan limits.
• To process subscription payments via Stripe.
• To send transactional emails (plan confirmation, account alerts) — no marketing without consent.
• To improve and debug the service.

We share data with the following third parties, strictly as needed:

We do not sell your personal data to any third party, ever.

Our use of YouTube data (comments, channel info, OAuth tokens) complies with the YouTube API Services Terms of Service. Specifically:

• We only access YouTube data you explicitly authorize via OAuth.
• We only post replies to comments on channels you own or manage.
• We do not store YouTube comments beyond what is needed for the service to function.
• You can revoke our YouTube access at any time at myaccount.google.com/permissions.
• Upon account deletion, all YouTube tokens are immediately revoked and deleted.

• Active account: data retained while your account exists.
• Reply history: kept for 12 months, then automatically deleted.
• YouTube OAuth tokens: deleted immediately upon YouTube disconnection or account deletion.
• Deleted accounts: all personal data removed within 30 days of deletion request.
• Payment records: retained for 7 years as required by financial regulations.

Regardless of your location, you have the right to:

• Access: request a copy of all data we hold about you.
• Correction: request we fix inaccurate data.
• Deletion: request complete deletion of your account and data.
• Portability: request your data in machine-readable format (JSON/CSV).
• Restriction: request we stop processing your data while a dispute is resolved.
• Objection: object to data processing for marketing purposes.

To exercise any right, email privacy@joinreplai.com. We respond within 30 days.

GDPR (EU users): Our lawful basis for processing is contract performance (to provide the service you signed up for) and legitimate interest (service improvement).

CCPA (California users): We do not sell personal information. You may request disclosure or deletion of your data at any time.

• All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
• YouTube OAuth tokens are stored encrypted and never exposed in our UI or logs.
• Access to production data is restricted to authorized personnel only.
• In the event of a data breach affecting your personal data, we will notify you within 72 hours as required by GDPR.

Replai is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us data, contact privacy@joinreplai.com and we will delete it immediately.

We may update this policy and will notify you by email and by updating the "Last updated" date. Continued use of Replai after changes constitutes acceptance.

• Privacy questions: privacy@joinreplai.com
• General support: support@joinreplai.com
• Address: Replai, joinreplai.com