Legal Document

Privacy Policy

Last Updated: February 5, 2026

Effective Date: February 5, 2026

1. Introduction

FliesReplies ("we", "our", "us", or "the Service") is a Chrome browser extension that helps users generate personalized social media responses. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information.

This Privacy Policy explains:

  • What information we collect and why
  • How we use and protect your information
  • Your rights regarding your data
  • How to contact us with questions

By installing and using FliesReplies, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email Address: Required for account creation, authentication, and communication.
  • Password: Encrypted and hashed using industry-standard methods (never stored in plain text).
  • User ID: A unique identifier automatically generated for your account.
  • Account Creation Date: Timestamp of when you created your account.

2.2 Content and Usage Data

To provide personalized response suggestions, we collect:

  • Tone Examples: Your written responses to example posts during onboarding (typically 8-16 examples). These are used exclusively to learn your writing style, tone, and communication preferences.
  • Content Pillars: Topics you select that represent your expertise (3-5 topics such as "AI & Machine Learning", "Entrepreneurship", etc.)
  • Platform Preferences: Which social media platforms you use (LinkedIn, X/Twitter, or both)
  • Posted Responses: Records of responses you actually post through the extension, including:
    • The response text
    • The platform (LinkedIn or X)
    • Timestamp of when it was posted
    • The original post content (truncated for context)
  • Original Posts: Content of posts you're replying to (stored temporarily for context during response generation)

2.3 Technical Data

We automatically collect certain technical information:

  • Extension Usage: When you use the extension to generate responses
  • Error Logs: Technical errors that occur (for debugging and improvement)
  • Browser Information: Chrome version (for compatibility)

2.4 What We Do NOT Collect

We explicitly do NOT collect:

  • Your social media passwords or login credentials
  • Your browsing history outside of LinkedIn/X
  • Personal information from your social media profiles
  • Location data
  • Device information beyond browser type
  • Any data from websites other than LinkedIn and X

3. How We Use Your Information

3.1 Primary Uses

  • Tone Learning: Your tone examples are analyzed to understand your writing style, vocabulary, sentence structure, and communication preferences. This enables the AI to generate responses that sound authentically like you.
  • Response Generation: When you request a response suggestion, we use your tone examples and content pillars to generate personalized options.
  • Service Delivery: To provide, maintain, and improve the extension's functionality
  • Analytics Dashboard: To show you statistics about your engagement (reply counts, activity graphs, trends)

3.2 Service Improvement

  • Error Resolution: Technical error logs help us fix bugs and improve stability
  • Feature Development: Usage patterns help us understand which features are most valuable
  • AI Model Enhancement: Aggregated, anonymized data may be used to improve response quality (your personal data is never shared)

3.3 Communication

  • Account Management: Email notifications for account-related activities (if applicable)
  • Service Updates: Important announcements about the extension (rare)
  • Support: To respond to your inquiries and provide customer support

4. Data Storage and Security

4.1 Storage Provider

All data is stored securely in Supabase (supabase.com), a PostgreSQL database service that provides:

  • Enterprise-grade security infrastructure
  • SOC 2 Type II compliance
  • ISO 27001 certification
  • Data residency options

4.2 Encryption

In Transit

HTTPS/TLS Encryption

At Rest

Database Encryption

Authentication

bcrypt Password Hashing

4.3 Security Practices

  • Row Level Security (RLS): Database-level security ensures you can only access your own data
  • Access Controls: Strict access controls limit who can view or modify data
  • Regular Security Audits: We regularly review and update our security practices
  • Secure API Keys: API keys and credentials are stored securely and never exposed to clients

4.4 Data Breach Protocol

In the unlikely event of a data breach:

  • We will notify affected users within 72 hours
  • We will report to relevant authorities as required by law
  • We will take immediate steps to secure the breach and prevent further access

5. Data Sharing and Third-Party Services

5.1 No Sale or Sharing

We do NOT:

  • Sell your personal information to anyone
  • Share your data with third parties for marketing purposes
  • Use your data for advertising
  • Share your tone examples or responses with other users

5.2 Service Providers

We use the following third-party services that process data on our behalf:

Supabase (Database Hosting)

  • Purpose: Stores all your data securely
  • Data Processed: All account and content data
  • Location: United States (with data residency options)
  • Security: Enterprise-grade security, SOC 2 compliant
  • Privacy: Supabase processes data only as necessary to provide hosting services

5.3 Legal Requirements

We may disclose your information if required by law:

  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety
  • To prevent fraud or security threats
  • In connection with a business transfer (merger, acquisition, etc.)

6. Your Rights and Choices

6.1 Access and Portability

  • View Your Data: You can see all your stored data through the extension's interface
  • Export Your Data: Request a copy of all your data in a machine-readable format
  • Data Portability: Your data belongs to you - you can export it at any time

6.2 Correction and Updates

  • Update Information: Modify your content pillars, retrain your voice, or update preferences at any time
  • Account Settings: Change your email or password through account settings

6.3 Deletion Rights

  • Delete Account: You can delete your account and all associated data at any time
  • Delete Specific Data: Remove individual tone examples or content pillars
  • Retrain Voice: Delete tone examples for a specific platform and retrain
  • Permanent Deletion: Deleted data is permanently removed within 30 days (backups may retain data for up to 90 days)

6.4 Opt-Out Rights

  • Stop Using the Service: You can stop using the extension at any time
  • Uninstall: Removing the extension stops all data collection from inside LinkedIn and X
  • Block Analytics: You can block our website analytics by enabling Do Not Track in your browser, using an ad blocker, or declining cookies in your browser settings

6.5 How to Exercise Your Rights

To exercise any of these rights:

  • Through the Extension: Use built-in features (delete account, retrain voice, etc.)
  • Email Request: Contact us at support@fliesreplies.com with your request
  • Response Time: We will respond within 30 days (or as required by applicable law)

7. Data Retention

7.1 Active Accounts

  • Retention Period: Data is retained while your account is active
  • Inactive Accounts: Accounts inactive for 2+ years may be deleted with prior notice

7.2 Deleted Accounts

  • Immediate Deletion: Account deletion triggers immediate removal of accessible data
  • Backup Retention: Backups may retain data for up to 90 days before permanent deletion
  • Legal Requirements: Some data may be retained longer if required by law

7.3 Specific Data Types

  • Tone Examples: Stored until you delete them, retrain your voice, or delete your account
  • Posted Responses: Retained for statistics. Deleted when you delete your account
  • Content Pillars: Stored until you delete them or your account
  • Error Logs: Retained for 90 days, then automatically deleted

8. International Data Transfers

8.1 Data Location

  • Primary Storage: United States (Supabase servers)
  • Processing: United States
  • Your Location: Data may be transferred from your country to the United States

8.2 Transfer Safeguards

We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) with service providers
  • Compliance with GDPR requirements
  • Industry-standard security measures

9. Children's Privacy

FliesReplies is intended for users 18 years of age or older. The Service is not designed for or directed at minors, and we do not knowingly collect personal information from anyone under 18. If you believe we have collected information from a person under 18, please contact us immediately at support@fliesreplies.com and we will delete it.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to Know: Request details about what personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we don't sell data, but you have this right)
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at support@fliesreplies.com.

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights:

  • Right of Access: Obtain confirmation of what data we hold about you
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data
  • Right to Withdraw Consent: Withdraw consent at any time

Legal Basis for Processing:

  • Consent: You consent by using the extension
  • Contract Performance: Necessary to provide the service
  • Legitimate Interests: Service improvement and security

12. Cookies and Tracking

FliesReplies uses cookies and similar technologies on our website (fliesreplies.com) and inside the Chrome extension for the limited purposes described below. We do not sell any cookie or tracking data.

12.1 Essential Authentication

Supabase, our authentication and database provider, sets essential cookies to keep you signed in and to maintain your session. These cookies are required for the Service to work. Disabling them will prevent you from signing in.

12.2 Website Analytics

Our website uses Google Analytics 4 (GA4) to measure traffic and understand how visitors interact with the site (which pages are viewed, where visitors come from, how long they stay). GA4 sets cookies in your browser when you visit the site.

Data collected through GA4 is processed in aggregate. We do not link your analytics activity to your account or to any personally identifying information you provide to us elsewhere.

12.3 Marketing Pixels

When we are running paid ad campaigns, our website may also load a Meta Pixel (Facebook) to measure ad conversions and build retargeting audiences. The Meta Pixel sets cookies and records page views. If no Meta Pixel ID is configured at the time of your visit, this pixel does not load.

12.4 What We Don't Use

We do not use the Chrome extension itself to set tracking cookies, run analytics inside LinkedIn or X, or follow your activity on websites other than fliesreplies.com.

12.5 Your Choices

You can block analytics and marketing cookies by enabling Do Not Track in your browser, installing a content blocker (such as uBlock Origin or Privacy Badger), or declining cookies through your browser's cookie settings. Blocking these will not affect your ability to use the Chrome extension itself.

13. Changes to This Privacy Policy

13.1 Policy Updates

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices
  • Legal or regulatory requirements
  • Service improvements

13.2 Notification of Changes

We will notify you of material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Posting a notice in the extension (for significant changes)
  • Email notification (for major changes affecting your rights)
  • In-app notification (when you next use the extension)

13.3 Continued Use

Your continued use of FliesReplies after changes constitutes acceptance of the updated policy. If you disagree with changes, you may delete your account.

14. Contact Information

If you have questions, concerns, or wish to exercise your privacy rights, please contact our data protection representative:

Email: support@fliesreplies.com

Average Response Time: 48 Hours

For GDPR-related requests, please include "GDPR Request" in your subject line.

15. Compliance and Legal Basis

15.1 Regulatory Compliance

This extension complies with:

  • GDPR (General Data Protection Regulation) - European Union
  • CCPA (California Consumer Privacy Act) - California, USA
  • Chrome Web Store Privacy Requirements - Google's extension policies
  • COPPA (Children's Online Privacy Protection Act) - United States

15.2 Legal Basis (GDPR)

We process your data based on:

  • Consent: You provide consent by creating an account and using the service
  • Contract: Processing is necessary to provide the service you requested
  • Legitimate Interests: Service improvement, security, and fraud prevention

15.3 Data Protection Officer

For GDPR inquiries, you may contact our data protection representative at support@fliesreplies.com.

16. Dispute Resolution

16.1 Complaints

If you have concerns about how we handle your data:

  • Contact us first at support@fliesreplies.com
  • We will investigate and respond within 30 days

16.2 Regulatory Complaints

You have the right to file a complaint with your local data protection authority:

  • EU: Your country's data protection authority
  • UK: Information Commissioner's Office (ICO)
  • California: California Attorney General

17. Data Processing Agreement

By using FliesReplies, you acknowledge that:

  • You have read and understood this Privacy Policy
  • You consent to the collection and use of your information as described
  • You are at least 18 years old
  • You have the authority to consent on behalf of any organization you represent

18. Additional Information

18.1 Security Best Practices

We recommend:

  • Using a strong, unique password
  • Not sharing your account credentials
  • Regularly reviewing your tone examples and content pillars
  • Keeping your Chrome browser updated

18.3 Third-Party Links

The extension may contain links to external websites (LinkedIn, X). We are not responsible for the privacy practices of these external sites.

End of Privacy Policy © 2026 FliesReplies

By installing and using FliesReplies, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, please do not use the extension.