Privacy Policy
Your privacy matters. This policy explains what data AutoReply collects, how it is used, and the choices available to you.
Effective Date: February 27, 2026 | Last Updated: February 27, 2026
1. Introduction
AutoReply ("the App," "we," "us," or "our") is an AI-powered reply and content generation assistant available on the iOS App Store. The App is operated through the website getautoreply.com.
This Privacy Policy describes how we collect, use, store, and share information when you use AutoReply. By downloading, installing, or using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.
We encourage you to also review our Terms of Use, which govern your use of AutoReply.
2. Information We Collect
2.1 Account Information
When you create an account, we collect the following depending on your chosen authentication method:
- Apple Sign-In: User identifier provided by Apple, email address (may be a private relay address if you choose to hide your email)
- Google Sign-In (OAuth): Email address, Google user identifier
- Email/Password: Email address, securely hashed password
2.2 Content You Provide
When you use the App's AI generation features, we process the following data to generate responses:
- Text content you input or share (limited to 3,000 characters)
- Selected platform (e.g., Instagram, X, LinkedIn)
- Selected tone and language preferences
- Trained writing style data ("Write As Me" feature)
- URL context from shared social media posts
- Text prompts for image generation, including model selection and aspect ratio
2.3 Usage and Transaction Data
- User ID and credit balance
- Credit transaction history (purchases, usage, daily resets)
- Subscription plan and status
- Purchase transaction records (managed through RevenueCat and Apple)
2.4 Device Information
- Firebase Cloud Messaging (FCM) device token for push notifications
- App preferences (language, theme, selected style)
2.5 Information We Do NOT Collect
- We do not collect precise location data
- We do not collect contacts or address book data
- We do not collect browsing history outside the App
- We do not use advertising identifiers or ad tracking
- Firebase Analytics is disabled in the App
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide the Service: Process your text and image generation requests through our AI providers
- Account Management: Authenticate your identity, manage your profile, and maintain your account
- Subscription and Credits: Track your subscription status, manage credit balances, and process transactions
- Push Notifications: Send you updates about your account, new features, or important service information
- Service Improvement: Understand how features are used to improve the App experience
- Customer Support: Respond to your inquiries and resolve issues
4. Third-Party Services
AutoReply integrates with the following third-party services to deliver its functionality. Each service receives only the minimum data necessary for its purpose.
| Service | Purpose | Data Shared |
|---|---|---|
| OpenAI (via api.getautoreply.com) | Text content generation | User text (max 3,000 chars), platform, tone, language, trained style, URL context |
| fal.ai (via api.getautoreply.com) | Image generation | Text prompt, model selection, aspect ratio |
| Supabase (api.getautoreply.com) | Backend, authentication, user profiles, credit ledger | Email, user ID, auth tokens, credit transactions, plan status, FCM token |
| RevenueCat | Subscription and in-app purchase management | User ID, email, purchase transactions, subscription status |
| Firebase Cloud Messaging | Push notifications | FCM device token (analytics disabled) |
| fxtwitter API | Fetch public tweet content for context | Tweet URL |
| TikTok oEmbed | Fetch TikTok post content | Post URL |
| YouTube oEmbed | Fetch YouTube video metadata | Video URL |
| Reddit JSON API | Fetch Reddit post content | Post URL |
All communication with third-party services is routed through our secure API server (api.getautoreply.com) over HTTPS. Your data is sent directly to these services only for the purpose of fulfilling your generation requests and is not stored by these providers beyond what is necessary to process the request.
We recommend reviewing the privacy policies of these third-party providers for details on their data handling practices.
5. Data Storage and Security
5.1 On-Device Storage
iOS Keychain (Hardware-Encrypted)
Authentication tokens (access and refresh tokens), user ID, and email address are stored in the iOS Keychain, which leverages hardware-level encryption provided by the device's Secure Enclave.
App Group UserDefaults
App preferences and non-sensitive settings are stored locally, including: language preference, theme selection, writing style data, credit balance cache, consent flags, and subscription status cache.
5.2 Server-Side Storage
Supabase (Cloud Backend)
Your user profile, credit ledger, and plan status are stored on our Supabase-hosted backend. Data is transmitted and stored using industry-standard encryption.
5.3 Security Measures
- All API communication is conducted exclusively over HTTPS (TLS encryption in transit)
- Authentication tokens are stored in the iOS Keychain with hardware-backed encryption
- The App does not implement custom encryption algorithms (ITSAppUsesNonExemptEncryption: false)
- Firebase Analytics is fully disabled
- No advertisements are served and no ad tracking is implemented
- Server-side access controls and authentication protect stored data
6. Device Permissions
AutoReply requests the following device permissions, each for a specific and limited purpose:
Photo Library (Add Only)
Used exclusively to save AI-generated images to your photo gallery. The App cannot read or access your existing photos.
Push Notifications
Used to deliver account updates, feature announcements, and important service information. You can disable notifications at any time in your device settings.
Internet Access
Required for all AI generation features, account synchronization, subscription management, and fetching social media post context for reply generation.
7. Subscriptions and Purchases
AutoReply offers the following plans and purchases:
- Free Plan: 3 lifetime text generations at no cost
- Pro Plans: Weekly, monthly, or yearly subscriptions providing 100 daily credits, managed through RevenueCat and processed by Apple
- Extra Credit Packs: One-time purchases of 100, 300, 600, or 1,000 credits that never expire
Subscription and purchase data, including transaction identifiers and subscription status, is shared with RevenueCat for management purposes and with Apple for payment processing. We do not directly collect or store payment card information.
8. Children's Privacy
AutoReply is not directed at children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected] and we will promptly delete such information.
9. Data Retention
We retain your account data for as long as your account is active or as needed to provide you with the Service. Specifically:
- Account Data: Retained until you delete your account
- Generated Content: Text and image generation requests are processed in real time and are not permanently stored on our servers
- Transaction Records: Credit and purchase history is retained for the duration of your account for service and reconciliation purposes
- On-Device Data: Stored locally and removed when you uninstall the App or delete the data through your device settings
10. Your Rights and Account Deletion
You have the right to:
- Access Your Data: Request a copy of the personal data we hold about you
- Correct Your Data: Request corrections to inaccurate personal data
- Delete Your Account: Permanently remove your account and all associated data
- Withdraw Consent: Opt out of push notifications or revoke device permissions at any time
Full account deletion is available directly within the App. Navigate to Settings and tap "Delete Account." This action permanently removes your user profile, credit ledger, and all associated data from our servers. Please note that active subscriptions should be cancelled separately through Apple before deleting your account.
For any data-related requests, contact us at [email protected].
11. International Data Transfers
Your data may be processed in countries outside your country of residence where our third-party service providers operate. These providers maintain appropriate data protection measures consistent with applicable regulations. By using AutoReply, you consent to the transfer of your information to these jurisdictions.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you through the App or via email.
We encourage you to review this policy periodically. Your continued use of AutoReply after any changes constitutes your acceptance of the updated policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Privacy Questions?
We are committed to protecting your privacy. Reach out to us and we will respond as soon as possible.
[email protected]