Privacy Policy

This privacy page explains what data ReplyDash collects and how we use it. ReplyDash is a Chrome extension and companion dashboard that helps you generate AI-powered replies for LinkedIn and X (Twitter). By using ReplyDash you agree to the practices described here.

1. Data We Collect

  • Authentication token: When you connect the extension to your account we store a short-lived authentication token (Clerk token) in your browser's extension-local storage (`chrome.storage.local`) so the extension can call the backend on your behalf. This token is stored only on your machine and is not transmitted to any party other than our API endpoints described below.
  • Post content: When you click "Generate Reply" the extension reads the post text and minimal metadata (e.g., post URL, tweet ID, author display name) to construct the prompt sent to our backend AI service. We do not store full transcripts of your timeline locally beyond short-lived usage telemetry described in the "Usage & Logging" section.
  • Local preferences: Tone selection, emoji preference, and other small settings are stored locally in `chrome.storage.local` to make the experience persistent across sessions.

2. How We Use Data

Data collected by the extension is used to generate replies on your behalf and to provide the dashboard experience. Specifically:

  • Send the post text and minimal metadata to our backend AI endpoint to produce a reply.
  • Persist authentication tokens locally so the extension can make authenticated requests.
  • Store lightweight preferences (tone, emoji, automode consent) locally to improve UX.

3. Third-Party Services & Hosts

ReplyDash integrates with a small set of services needed to operate the product. These hosts and services may process request data when you use the extension:

  • ReplyDash API (e.g. https://replier.elcarainternal.lol): our backend that accepts post text and returns a generated reply. Only the request payload necessary to generate a reply is sent.
  • Authentication (Clerk or equivalent): used to authenticate users and issue tokens. Tokens are stored in `chrome.storage.local` and sent to our backend as a Bearer token for authenticated API calls.

See `manifest.json` for the precise host permissions requested by the extension. Only the minimum hosts required for functionality are requested (LinkedIn, X, dashboard origin, and internal API). You can review or remove host permissions before installing.

4. No Remote Code Execution

ReplyDash does not load executable scripts from third-party CDNs at runtime. All extension logic is bundled with the extension and served locally to comply with platform security policies.

5. Usage & Logging

We collect minimal usage metrics to operate the service and to protect against abuse (for example, counting replies generated for quota enforcement). Where possible this data is aggregated and stored server-side; personally identifying data is not retained unless explicitly required for support or fraud investigation.

Error and operational logs (server logs) may contain truncated token previews or request identifiers to help with debugging; we avoid storing full authentication tokens in logs.

6. Data Retention & Deletion

Authentication tokens used by the extension are stored locally and may be removed by clearing extension storage or by disconnecting from the dashboard. If you need server-side data removed, please contact us (see contact section) and provide the relevant account identifier.

7. Your Choices

  • Remove or uninstall the extension at any time — this removes local data.
  • Disconnect or revoke tokens from your ReplyDash dashboard.
  • Contact support to request deletion of server-side account data.

8. Contact

For privacy requests or security concerns, please contact: privacy@replydash.app

You may also visit our dashboard to manage your account or revoke tokens.