Product

Solution

Free Tools

Pricing

Get Started Free

Privacy Policy

Last updated:

January 27, 2026

Effective Date:

January 27, 2026

Reepl ("we," "us," or "our") is operated by Autodeus Technologies Pvt Ltd. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have regarding your data. It applies to all information collected through our web application at app.reepl.io, our Chrome browser extension ("Reepl Extension"), our website at reepl.io, our free tools at tools.reepl.io, and any related services, sales, marketing, or events (collectively, the "Services").

By using our Services, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our Services.

1. Information We Collect

1.1 Information You Provide Directly

Account Information: Name, email address, password, and optionally your phone number, when you create an account.
Profile Information: Job title, company name, industry, and LinkedIn profile URL.
Payment Information: When you purchase a subscription or credits, payment is processed by Stripe. We store your Stripe customer ID and subscription details but do not store your credit card number or full payment details on our servers.
User-Generated Content: Posts, drafts, comments, replies, prompts, templates, and other content you create or save using our Services.
Support Communications: Messages and information you provide when contacting our support team through Intercom.

1.2 Information Collected Through LinkedIn Integration

When you connect your LinkedIn account via OAuth 2.0, we request the following permissions:

Scope

openid

profile

w_member_social

Purpose

Verify your identity

Access your name and profile picture

Access your email address

Publish posts and manage content on your behalf

Through the LinkedIn API, we may access and store:

Your LinkedIn profile information (name, headline, profile photo, profile URL)
Posts you publish through our platform and their analytics (impressions, reactions, comments)
Post drafts and scheduled content

We do not access your private LinkedIn messages, your full connection list, or LinkedIn data beyond what the above scopes provide.

1.3 Information Collected Through the Chrome Extension

When you use the Reepl Chrome Extension on LinkedIn, the extension reads publicly visible information on the LinkedIn page you are viewing to provide contextual AI suggestions. This may include:

Profile names, headlines, and about sections of profiles you are viewing
Work experience, education, and skills listed on viewed profiles
Recent posts and activity visible on viewed profiles
Content in comment boxes and message threads where you are composing a reply

This data is processed to generate AI-powered reply and content suggestions. Profile data you choose to save is stored in your Reepl account.

Chrome Extension Permissions:

Permission

tabs

activeTab

storage

clipboardWrite

Purpose

Detect when you are on LinkedIn

Read content on the current LinkedIn page

Cache your preferences and credits locally

Copy generated content to your clipboard

The use of information received from Google APIs adheres to the [Chrome Web Store User Data Policy](https://developer.chrome.com/docs/webstore/program-policies/), including the Limited Use requirements.

1.4 Information Collected Through Third-Party Integrations

When you connect third-party services through our Integrations feature, we store an OAuth access token and refresh token to maintain the connection. We only access data within the scopes you authorize during the connection flow.

Available integrations and the data accessed:

Integration

Google (Drive, Sheets, Docs)

HubSpot

Notion

Figma

Airtable

Miro

Pipedrive

Zoho CRM

Slack

Lemlist

Data Accessed

Files, spreadsheet data, and document content you select

Contacts, deals, and conversation data

Workspace databases and page content

Design file access (read-only)

Table records and base schemas

Board content

Contacts and deal data

CRM module data

Channel messages, workspace info

Campaign and lead data

You can disconnect any integration at any time from Settings > Integrations, which revokes the stored access token.

1.5 Information Collected Automatically

Usage Data: Features used, actions taken, content created, credits consumed, and session activity.
Device and Browser Information: Browser type, operating system, device type, and screen resolution.
Log Data: IP address, access times, pages viewed, and referring URLs.
Cookies and Similar Technologies: See Section 7 (Cookies) for details.

2. How We Use Your Information

We use the information we collect to:

Provide and operate the Services: Generate AI-powered content, manage your drafts and posts, schedule LinkedIn content, and facilitate integrations.
Process AI requests: Send your prompts and content to AI providers to generate replies, posts, and other content (see Section 3.2).
Manage your account: Authenticate you, manage your subscription, track credit usage, and process payments.
Communicate with you: Send transactional emails (account confirmation, password reset, billing notifications), product updates, and support responses.
Improve the Services: Analyze usage patterns, diagnose technical issues, and develop new features.
Ensure security: Detect fraud, prevent abuse, and enforce our terms of service.
Comply with legal obligations: Respond to legal requests and enforce our rights.

3. How We Share Your Information

We do not sell your personal information. We share data with the following categories of third parties, solely for the purposes described in this policy:

3.1 Cloud Infrastructure

Our Services are hosted on Amazon Web Services (AWS). Your data is stored and processed using the following AWS services:

Service

AWS DynamoDB

AWS S

AWS Lambd

AWS Cognito

AWS SES

AWS CloudWatch

Purpose

Primary database for user accounts, content, and preferences

File and image storage

Serverless compute for API processing

Authentication and user management

Transactional and marketing emails

Application logging and monitoring

Region

EU (Stockholm, eu-north-1)

US East (Virginia, us-east-1)

EU (Stockholm, eu-north-1)

3.2 AI and Machine Learning Providers

To generate content, we send your prompts and relevant context (such as profile information or post content) to the following AI providers:

Provider

Azure OpenAI (Microsoft)

OpenAI

DeepSeek

Anthropic Claude (via Azure AI Foundry

Google Gemini

Perplexity

Purpose

Primary AI content generation

Fallback AI content generation

AI content generation

AI image generation

Content idea generation

3.2 AI and Machine Learning Providers

To generate content, we send your prompts and relevant context (such as profile information or post content) to the following AI providers:

Provider Purpose Azure OpenAI (Microsoft) Primary AI content generation OpenAI Fallback AI content generation DeepSeek Fallback AI content generation Anthropic Claude (via Azure AI Foundry) AI content generation Google Gemini AI image generation Perplexity Content idea generation

Your content is sent to these providers' APIs for processing. Each provider has its own data handling policies. We recommend reviewing their respective privacy policies. We do not use your content to train AI models -- the data is processed solely to return a response to your request.

If you provide your own API keys for any AI provider (e.g., OpenAI, Gemini), requests are sent directly using your key.

3.3 Data Enrichment

We use third-party data enrichment and analytics providers to supplement publicly available professional profile information. This may include matching LinkedIn profile URLs to obtain professional email addresses, company details, and industry information to support contact management and outreach features. We may also share limited profile data (such as name, job title, location, and industry) with engagement analytics providers for social proof and user engagement purposes.

You can control contact data collection via Settings > Privacy.

3.4 Analytics, Product Improvement, and Marketing

We use analytics and tracking services to understand how users interact with our Services, measure the effectiveness of our marketing, and improve the user experience. These services may collect:

Product analytics: User ID, usage events, subscription tier, feature usage, page interactions, and session recordings (with sensitive fields such as API keys and payment details masked).
Website analytics: Anonymized page views, site interactions, and referral sources.
Tracking pixels: We may use small transparent images embedded in emails or web pages to measure email open rates, click-through rates, and website conversions. These pixels may collect your IP address, browser type, and interaction data.

3.5 Customer Communication and Support

We use third-party platforms to provide customer support and send transactional and marketing emails. These services may receive your name, email address, subscription status, usage metrics, and lifecycle stage to facilitate support conversations, email campaigns, and product notifications.

3.6 Payment Processing

Service

Stripe

Data Shared

Payment method details, billing address, subscription information

Purpose

Payment processing and subscription management

Stripe is PCI DSS Level 1 certified. We do not store your full credit card details.

3.7 Security and Bot Protection

Service

Cloudflare Turnstile

Sentry

Data Shared

IP address (optional), challenge response

Error context, device info, anonymized user ID

Purpose

Bot protection on free tools

Error tracking and debugging

3.8 LinkedIn API

When you connect your LinkedIn account and use our scheduling or posting features, we interact with the LinkedIn API to publish content, retrieve post analytics, and manage your posts on your behalf. This is governed by LinkedIn's API Terms of Use and your consent during the OAuth flow.

3.9 Legal and Safety

We may disclose your information if required to:

Comply with applicable law, regulation, legal process, or governmental request.
Enforce our Terms of Service or other agreements.
Protect the rights, property, or safety of Reepl, our users, or the public.

4. Data Storage and International Transfers

Your data is primarily stored in the European Union (Stockholm, Sweden -- AWS eu-north-1 region). Certain data, such as uploaded images and generated files, may be stored in the United States (AWS us-east-1 region).

When data is transferred outside the EU/EEA, we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to third-party service providers.
AWS's compliance certifications, including SOC 2, ISO 27001, and adherence to the EU-US Data Privacy Framework.

Third-party service providers (analytics, AI providers, payment processors) may process data in various jurisdictions. Each provider maintains appropriate safeguards for international data transfers as described in their respective privacy policies.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. Specifically:

Data Type

Account information

User-generated content

LinkedIn profile data you save

OAuth integration tokens

Payment and billing records

Usage analytics

Support conversations

Perplexity

Retention Period

Until account deletion

Until deleted by you or account deletion

Until you disconnect the integration or account deletion

7 years (legal/tax obligations)

24 months from collection

24 months from last interaction

90 days

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 Rights Under GDPR (EU/EEA Users)

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure: Request deletion of your personal data ("right to be forgotten").
Restriction: Request restriction of processing of your data.
Data Portability: Request your data in a structured, commonly used, machine-readable format.
Objection: Object to processing based on legitimate interests or for direct marketing.
Withdraw Consent: Withdraw consent at any time where processing is based on consent.
Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing. Our AI features generate content suggestions, but all publishing decisions are made by you.

Legal Basis for Processing (GDPR Article 6):

Processing Activity

Account creation and service delivery

Payment processing

AI content generation

LinkedIn posting on your behalf

Third-party integrations

Analytics and product improvement

Marketing communications

Security and fraud prevention

Legal compliance

Legal Basis

Performance of a contract

Your explicit consent (OAuth)

Legitimate interest

Consent (opt-in)

Legitimate interest

Legal obligation

To exercise your rights, contact us at hello@reepl.io or use the Data & Privacy settings page in your account at Settings > Privacy.

You also have the right to lodge a complaint with your local data protection authority.

6.2 Rights Under CCPA (California Users)

If you are a California resident, you have the right to:

Know what personal information we collect, use, and disclose.
Delete your personal information.
Opt out of the sale of personal information. We do not sell personal information.
Non-discrimination for exercising your privacy rights.

To exercise your CCPA rights, contact us at hello@reepl.io.

6.3 Managing Your Data

You can manage your data directly through the Services:

Privacy Settings: Go to Settings > Privacy to control what data the extension collects and how it is used.
Disconnect Integrations: Go to Settings > Integrations to revoke access to any connected service.
Delete Content: Delete individual posts, drafts, contacts, and templates from within the application.
Delete Account: Contact us at hello@reepl.io to request full account deletion.
Email Preferences: Unsubscribe from marketing emails using the link in any email, or manage preferences in Settings.

7. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve our Services.

Types of Cookies We Use

Type

Essential

Functional

Analytics

Purpose

Authentication, security, session management

Language preferences, user settings

Usage tracking via Mixpanel, PostHog, Google Analytics

Duration

Session / persistent

Persistent (up to 1 year)

Persistent (up to 2 years)

Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may prevent certain features from working correctly.

The Chrome Extension uses chrome.storage.local to cache your preferences, credits, and session data locally on your device. This data is not shared with third parties and can be cleared by removing the extension.

8. Data Security

We implement industry-standard security measures to protect your data:

Encryption in Transit: All data is transmitted over TLS/HTTPS and WSS (WebSocket Secure).
Authentication: JWT-based authentication with AWS Cognito, with automatic token refresh and expiry.
Access Control: Role-based access to infrastructure and services.
Infrastructure Security: AWS services with SOC 2, ISO 27001, and PCI DSS compliance.
Session Masking: Sensitive fields (API keys, payment details) are masked in session recordings.
Token Security: OAuth tokens are stored securely in DynamoDB with automatic refresh and expiry tracking.

While we implement best practices to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

9. Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at hello@reepl.io.

10. Third-Party Links

Our Services may contain links to third-party websites or services (e.g., LinkedIn, integration partners). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the "Last Updated" date at the top of this page.
Notify you via email or an in-app notification for significant changes.

Your continued use of the Services after any changes constitutes acceptance of the updated policy.

12. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of becoming aware of the breach, as required by GDPR.
Notify the relevant supervisory authority where required.
Provide details of the breach, the data affected, and the steps we are taking to address it.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us:

Autodeus Technologies Pvt Ltd
Email: hello@reepl.io
Website: https://reepl.io

For data protection inquiries or to exercise your rights, please email hello@reepl.io with the subject line "Privacy Request."

14. Third-Party Sub-Processors

We use third-party service providers ("sub-processors") to help deliver our Services. These providers fall into the following categories: