Privacy Policy

Overview

This Privacy Policy describes how Warm Reply ("we", "us", or "our") collects, uses, and protects your information when you use our cold email workspace service. We are committed to protecting your privacy and being transparent about our data practices.

Information We Collect

Account Information

When you sign up via Google OAuth, we collect:

• Your name and email address
• Google account identifier
• Profile picture (if available)

Usage Data

We collect data about how you use the Service:

• Email templates you create
• Contact lists you upload or discover
• Emails sent through the platform
• Reply classifications and engagement metrics
• Feature usage and interaction patterns

Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number. We receive and store limited payment information from Stripe, including the last four digits of your card and billing address.

How We Use Your Information

• To provide and maintain the Service
• To process your email sends and track replies
• To classify replies and process billing
• To improve our AI classification models
• To communicate with you about your account
• To detect and prevent fraud or abuse
• To comply with legal obligations

Data Storage and Security

Your data is stored securely using Supabase infrastructure. We implement industry-standard security measures including:

• Encryption in transit (TLS) and at rest
• Secure authentication via Google OAuth
• Regular security audits and monitoring
• Access controls and logging

Data Sharing

We share your information only in these circumstances:

• Service Providers: We use third-party services (Supabase, Stripe, Resend) to operate the platform
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

Email Content

Your email templates and sent messages are stored to provide the Service. We may use anonymized, aggregated data from email interactions to improve our classification algorithms. We do not read your emails for advertising purposes.

Contact Data

Contact information you upload or discover through our lead search is associated with your account. We do not share your contact lists with other users or third parties, except as necessary to send emails on your behalf.

Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to certain processing activities

To exercise these rights, contact us at hi@subtle.so

Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain data for legal compliance, dispute resolution, or fraud prevention for up to 90 days.

Cookies and Analytics

We use essential cookies for authentication and session management. We use Vercel Analytics to understand how the Service is used. This data is aggregated and does not include personal information.

International Transfers

Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place for any international data transfers in compliance with applicable data protection laws.

Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

For questions about this Privacy Policy or our data practices, please contact us at hi@subtle.so