Privacy Policy

Last Updated: April 14, 2026

Introduction

RepMinder, Inc. ("RepMinder," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website at repminder.ai and our AI readiness assessment services (collectively, the "Service").

For questions about this Privacy Policy, please contact us at legal@repminder.ai.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account, we collect your name, email address, and password.
  • Payment Information: When you subscribe to a paid plan, we collect billing information through our payment processor, Stripe. We do not store your credit card details on our servers.
  • Scan Data: URLs you submit for AI readiness assessment, scan results, and reports generated by our Service.
  • Communications: Information you provide when contacting our support team or subscribing to our newsletter.

1.2 Automatically Collected Information

  • Usage Data: IP address, browser type, device information, pages visited, time spent on pages, and referring URLs.
  • Analytics Data: We use PostHog (only for signed-in users) to understand how users interact with our Service.
  • Cookies: We use essential cookies for authentication and session management. Analytics cookies are only used when you are signed in.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our Service
  • Process your AI readiness assessments using OpenAI's API
  • Process optional GA4/GSC connection data and trend snapshots when you connect Google integrations
  • Run live verification checks against supported LLM/search providers for your configured queries
  • Process payments and manage subscriptions
  • Send you service-related notifications and updates
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve user experience (signed-in users only via PostHog)
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

3. Third-Party Service Providers

We share your information with the following trusted service providers who process data on our behalf:

Service ProviderPurposeData Location
SupabaseDatabase, authentication, hostingSydney, Australia (primary)
VercelApplication hosting, CDNSydney, Australia (primary)
StripePayment processingUnited States
Google APIsGA4/GSC OAuth, analytics and search metrics sync (optional integrations)United States
OpenAIAI-powered analysis and content-agent assistanceUnited States
UpstashRate limiting, cachingGlobal
ResendTransactional emailsUnited States
PostHogProduct analytics (signed-in users only)EU or US (configurable)
SentryError monitoringUnited States

These service providers are contractually obligated to protect your data and use it only for the purposes we specify. We have Data Processing Agreements in place with all processors handling personal data.

4. Data Retention

We retain your information as follows:

  • Account Data: Retained until you delete your account, plus 30 days for backup purposes
  • Scan Results: Retained for the duration of your subscription, plus 90 days after cancellation
  • Payment Records: Retained for 7 years to comply with tax and accounting regulations
  • Analytics Data: Aggregated and anonymized after 24 months
  • Growth Lane Data (Integrations/Verification/Agent): Live verification and content-agent interactions are currently user-triggered (manual/API initiated), not recurring by default. Verification and agent records follow tier-based retention windows (90 days free, 180 days professional/business, 365 days enterprise) unless legal requirements require longer retention.

5. Your Rights (GDPR & Privacy Laws)

If you are located in the European Economic Area (EEA), United Kingdom, Switzerland, or other jurisdictions with comprehensive privacy laws, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Data Portability: Receive your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us at legal@repminder.ai. We will respond within 30 days.

6. International Data Transfers

Your data is primarily stored in Australia (Sydney region). However, some of our service providers (OpenAI, Stripe, Resend, Sentry) are based in the United States. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with all processors
  • Compliance with the EU-U.S. Data Privacy Framework (where applicable)

7. Cookies Policy

We use cookies and similar tracking technologies as follows:

  • Essential Cookies: Required for authentication and security (always active)
  • Analytics Cookies (PostHog): Only active when you are signed in to your account. We do not track anonymous visitors.

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may prevent you from using certain features of the Service.

8. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS/SSL) and at rest
  • Row-level security (RLS) policies in our database
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Automated backup and disaster recovery procedures

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at legal@repminder.ai.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

11. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

RepMinder, Inc.

Email: legal@repminder.ai

Website: https://repminder.ai

12. Supervisory Authority

If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.