1Who We Are
Replya (“we”, “our”, “us”) is a Chrome extension that generates AI-powered comment suggestions for LinkedIn. The extension is operated by Aditya (contact: aditya@prepaired.app).
This Privacy Policy explains what information Replya collects, why it collects it, how it is used, and your rights regarding that information.
2Data Collection
2.1 Account Data (collected at sign-in)
2.2 Personalization Data (optional)
- Job title
- Company name
- Area of expertise / professional background
This data is stored in your account and used only to tailor AI-generated comments to your professional context. It is never shared with third parties for advertising.
2.3 LinkedIn Post Content (processed per request)
- The text content of the LinkedIn post visible on your screen
- The poster’s name as displayed on LinkedIn
- Your draft comment text, if you had already started typing
- Your preferences (tone, length, emoji on/off)
This content is sent over an encrypted HTTPS connection. To help us improve suggestion quality and protect against abuse, we store a snippet (up to the first 500 characters) of the post text in our secure backend logs for a limited period (30 days). The full text of the post is discarded after the AI response is returned and is never stored permanently.
2.4 User Preferences (stored locally and in your account)
- Tone preference (Professional, Enthusiastic, Friendly, Thoughtful)
- Length preference (Short, Medium, Long)
- Emoji and follow-up question toggles
- Custom DOM selectors, if you used the “Having Issues?” compatibility wizard
Preferences are stored in your browser’s local extension storage (chrome.storage.local) and optionally synced to your Replya account.
2.5 Authentication Tokens
2.6 Usage and Log Data
- IP Address (used for rate limiting and security)
- Request status (success/fail) and extension version
- Timestamps of your AI requests
We do not collect browsing history, visited URLs outside linkedin.com, or keystroke data.
2.7 Data We Do NOT Collect
Replya does not collect, request, or store any of the following:
- Passwords — authentication is handled entirely via Google OAuth 2.0; your password is never transmitted to or stored by Replya (see section 2.5)
- Phone numbers
- Payment or financial information (credit card numbers, bank details)
- Government-issued ID numbers (SSN, passport, driver’s license)
- Biometric data
- Health or medical information
- Precise geolocation
- Browsing history outside of linkedin.com
- Keystroke or clipboard data
3Data Handling
We handle your data explicitly to provide, maintain, and improve the functionality of the Replya extension. The use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
| Data | Handling Purpose |
|---|---|
| Email + Name | Create and identify your account |
| Personalization fields | Tailor AI-generated comments to your background |
| LinkedIn post content | Generate context-aware comment suggestions via AI |
| Preferences | Apply your settings to each suggestion request |
| Auth tokens | Maintain your authenticated session |
We do not use your data for advertising, sell it to third parties, or handle it outside of what is described in this policy.
4Data Storage
Your data is stored securely using industry-standard cloud providers (Supabase). We employ safeguards such as encryption at rest and in transit to protect your information.
| Data | Storage Period |
|---|---|
| Account data (email, name) | Stored until you delete your account |
| Personalization preferences | Stored until you delete your account or clear them |
| LinkedIn post content | A 500-character snippet is stored for 30 days for quality control; full text is discarded immediately. |
| Local extension preferences | Stored on your device until extension is uninstalled or storage is cleared. |
| Usage logs (IP address) | Stored for 30 days for security and rate limiting. |
| OAuth tokens | Stored securely until you sign out or the token expires. |
To delete your account and all associated stored data, email aditya@prepaired.app with the subject line “Delete My Replya Account.”
5Data Sharing
We do not sell your personal information to anyone. We share your data only with the following trusted third-party service providers, solely to provide and maintain Replya:
AI Language Model Providers
LinkedIn post content is sent to third-party AI providers (such as OpenAI, Google Gemini, or Alibaba Qwen) to generate suggestions. These providers process data over encrypted connections and, according to their enterprise terms, do not use this data to train or improve their models.
Supabase (Database & Auth)
We use Supabase to store your account data, personalization fields, and usage logs. All data is encrypted at rest and in transit.
Vercel (Hosting)
Our backend API and website are hosted on Vercel. Requests from the extension pass through Vercel's infrastructure over secure connections.
Google (Authentication)
Used for secure sign-in. No data from your Google account is shared with us or other parties except your basic profile information (email, name, avatar).
We may additionally disclose data if legally required to do so or to protect the rights and safety of users or the public.
6Data Security
All data is collected, handled, stored and shared securely using encrypted HTTPS connections. Account data is securely stored in Supabase with strict access controls and encryption at rest. We implement best practices to prevent unauthorized access. However, no method of electronic transmission or data storage is 100% secure, and we cannot guarantee absolute security.
7LinkedIn Data
Replya reads only the content that is publicly visible on your LinkedIn feed or post pages — the same content you can see with your own eyes. It does not access LinkedIn’s private API, your messages, connections list, profile data, or any data not visible in your current browser session.
Replya is not affiliated with, endorsed by, or partnered with LinkedIn Corporation.
8Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data (right to erasure)
- Restrict or object to processing
- Data portability — receive your data in a structured format
To exercise any of these rights, contact aditya@prepaired.app.
EU / EEA users (GDPR)
Our legal basis for processing your account data is the performance of a contract (providing the service). Post content is processed on the basis of your explicit request (legitimate interest per Art. 6(1)(f)).
California users (CCPA)
We do not sell personal information. You have the right to know, delete, and opt out of sale (not applicable here).
9Children's Privacy
Replya is not directed at children under the age of 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us data, contact us immediately at aditya@prepaired.app.
10Changes to This Policy
We will update this policy as Replya’s features change. The “Last Updated” date at the top of this document will reflect any changes. Continued use of the extension after changes constitutes acceptance of the updated policy. For material changes, we will make reasonable efforts to notify you via email.
11Contact
If you have any questions about this Privacy Policy or your data, reach out: