Home / Legal / Privacy Policy

Privacy Policy.

v1.0 Effective 20 April 2026 · Last updated 20 April 2026

How TimeFuser LTD, the operator of the Repley AI customer-support application, collects, uses, shares and protects personal data for Shopify merchants and their customers.

01 / Who we are and how to reach us

The App is provided by TimeFuser LTD, a company registered in the Republic of Cyprus, company number HE480325, with its registered office at Voukourestiou 25, NEPTUNE HOUSE, 1st floor, Flat/Office 183, 3045 Limassol, Cyprus.

Privacy questions, data-subject requests or security reports: privacy@repley.io. General support: support@repley.io. Website: https://repley.io.

02 / What this policy covers

This policy applies to data processed in connection with the App, including:

  • Information merchants provide when they sign up for or install Repley.
  • Data the App accesses from connected Shopify stores and connected merchant email inboxes.
  • Data our systems generate in the course of providing the service (logs, audit records, AI responses).
  • Information collected through our marketing website at repley.io.

It does not apply to the websites, apps or practices of other companies we integrate with (such as Shopify, Anthropic, Supabase or others listed in §6), which are governed by their own privacy notices.

03 / Data we collect and process

3.1 Merchant account data

When a merchant signs up for Repley or installs it on a Shopify store, we collect and process:

  • Account email address, display name, tenant identifier (a slug derived from the email or store).
  • Password hash (scrypt / bcrypt; we never store plaintext passwords) or a delegated authentication record via our identity provider (see §6).
  • Shopify store domain, access tokens (encrypted at rest), installed Shopify app track identifier and granted access scopes.
  • Configuration choices the merchant makes within the App (brand voice text, knowledge-base documents uploaded, tone-of-voice, escalation rules, feature flags).
  • Session tokens and basic session metadata (time of login, active workspace).

3.2 Shopify store data ("Protected Customer Data")

With the merchant's authorisation, the App requests limited scopes from Shopify and accesses:

  • Orders: order names, values, line items, fulfillment status, tracking numbers and URLs, used to answer delivery and order-related enquiries.
  • Customers: customer name, email address, and only the attributes needed to correlate a support enquiry to the correct order.
  • Fulfillments: carrier, tracking number, tracking URL and status.

We request only the minimum scopes needed for the feature the merchant has enabled and do not use Protected Customer Data for any purpose beyond providing the agreed service to the merchant.

3.3 Email and support-ticket data

When a merchant connects their support inbox (e.g. via an IMAP integration), the App ingests inbound email that reaches that inbox. This can include:

  • Sender and recipient email addresses, display names and basic email headers (Message-ID, In-Reply-To, Date).
  • Subject line and body (plain text and/or HTML) of each email.
  • Any personal data the customer has included in the body of their email.
  • Metadata we derive about each email (intent label, sentiment, confidence score, citation references to knowledge-base documents).

Outbound replies generated or assisted by the App are sent back to the customer via the merchant's own email infrastructure (the merchant's SMTP credentials), not from TimeFuser-owned addresses.

3.4 Operational data

We log information required to operate the service securely:

  • Application logs: request URLs, HTTP status codes, tenant identifier, error traces. We do not intentionally log full email bodies or tokens.
  • Audit log: merchant or system actions that change state (e.g. a ticket classification, a reply sent, a setting changed).
  • Metering data used for billing and capacity planning (e.g. number of AI-generated replies, token usage, webhook volume).

3.5 Marketing website (repley.io)

On our marketing website we may process basic analytics data (pages visited, approximate location, device and browser) and any information you submit through contact or demo forms. We do not use cookies for cross-site advertising on repley.io.

04 / Why we process data (purposes and legal bases)

PurposeData categoriesLegal basis (GDPR)
Provide and operate the App (authentication, Shopify OAuth, ticket ingestion, AI-assisted drafting and sending, escalation routing)Merchant account data, Shopify store data, email and ticket data, operational dataPerformance of the merchant's subscription contract (Art. 6(1)(b)); legitimate interest in operating a secure, reliable service (Art. 6(1)(f)) for data from merchants' customers, under instruction of the merchant as controller
Billing, invoicing and managing the commercial relationshipMerchant account data, metering dataContract (Art. 6(1)(b)); compliance with tax & accounting obligations (Art. 6(1)(c))
Security, fraud prevention, incident responseOperational data, IP addresses, audit logLegitimate interest (Art. 6(1)(f)) and legal obligation (Art. 6(1)(c))
Service improvement, debugging and model-free product analyticsAggregated / pseudonymised operational dataLegitimate interest (Art. 6(1)(f))
Marketing communications to merchants who have opted inMerchant email, preferencesConsent (Art. 6(1)(a)) or legitimate interest (Art. 6(1)(f)) with right to opt out
Complying with law, Shopify platform rules and enforcing our termsAny of the aboveLegal obligation (Art. 6(1)(c)); legitimate interest (Art. 6(1)(f))

05 / AI-assisted processing

The App uses large language models and embedding models to classify inbound emails, draft replies, and match customer questions to merchant-uploaded knowledge-base content. Specifically:

  • The content of an inbound customer email, merchant-provided knowledge-base excerpts, and relevant order metadata are sent to the AI providers listed in §6 to generate a classification and/or a draft reply.
  • AI providers act as further sub-processors on our behalf and on the merchant's behalf. We only use AI providers that contractually agree not to use submitted data to train their foundation models and to delete data after a limited retention window (typically 30 days or less).
  • We do not use customer personal data to train any general-purpose model. Any fine-tuning performed on our side uses merchant-consented, aggregated patterns and is scoped to that merchant's workspace.
  • Confidence scores and pipeline traces are stored so merchants can review, approve, override, or escalate AI-generated replies.

Merchants may disable AI autonomy features at any time from the App settings; when disabled, drafts are only surfaced for human review and are not sent automatically.

06 / Sub-processors and third parties

We use the following sub-processors to operate the App. Each has its own security and privacy program and is bound by a data-processing agreement with us:

Sub-processorPurposeData categoriesLocation
Shopify Inc.Source of merchant store data; platform on which the App runsAll store-derived dataCanada / global
Hetzner Online GmbHPrimary application hostingAll dataGermany (EU)
Supabase Inc.Managed Postgres database, authenticationMerchant account data, ticket data, operational dataEU (Frankfurt)
Anthropic PBCLarge-language-model API (classification, drafting, critique)Inbound email content, knowledge-base excerpts, order contextUnited States
Voyage AI Inc.Embedding model API (knowledge-base retrieval)Knowledge-base excerpts, inbound email excerptsUnited States
Resend (Resend Inc.)Transactional email delivery (account notifications, digests)Merchant email address, email content sent by us to merchantsUnited States / EU
n8n GmbH (self-hosted)Email ingestion workflow automationInbound email content, headersGermany (our VPS)

An up-to-date list of sub-processors is available on request at privacy@repley.io. We will notify merchants of material changes to our sub-processor list with reasonable advance notice.

07 / International data transfers

Our primary infrastructure is hosted in the European Union. Some sub-processors (notably AI providers) are located outside the EEA/UK. When personal data is transferred outside the EEA/UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum where applicable, and supplementary technical measures including encryption in transit and contractual prohibitions on training on submitted data. A copy of the transfer mechanism applicable to a specific sub-processor is available on request.

08 / Data retention

DataRetention
Active merchant account dataDuration of account plus 90 days after termination, then deleted or anonymised unless a longer legal retention applies
Tickets, AI traces, audit log24 months from creation, or the period the merchant configures in settings, whichever is shorter
Shopify access tokensUntil uninstall; marked revoked immediately on app/uninstalled; encrypted record retained for 48 hours for GDPR reconciliation, then purged
Application logs90 days rolling
BackupsEncrypted; 30-day rolling window
Marketing website analytics12 months rolling

Merchants can request early deletion of any tenant data at any time via privacy@repley.io. When Shopify sends the mandatory shop/redact webhook (48 hours after uninstall), we purge the associated tenant data on our side without further request.

09 / Security

We follow a defence-in-depth approach:

  • Encryption in transit: TLS 1.2+ on all public endpoints; Shopify webhook signatures verified with HMAC-SHA256.
  • Encryption at rest: sensitive fields (access tokens, SMTP credentials, webhook secrets, API keys) encrypted with authenticated symmetric encryption (Fernet / AES-128-CBC + HMAC-SHA256); database volumes encrypted at the provider level.
  • Tenant isolation: row-level security policies in the database enforce that no tenant can read or write another tenant's data, validated on every connection.
  • Least-privilege access: internal administrative access to production is limited to named staff, uses SSH key authentication with rotation, and is logged.
  • Secret hygiene: a single TOKEN_ENCRYPTION_KEY gates decryption; supports seamless rotation without user impact.
  • Dependency & version management: continuous integration with automated tests; every deploy is auditable and auto-rolls back on failed health checks.
  • Audit logging: state-changing actions are recorded and visible to the merchant in the admin UI.

No system is impenetrable. We commit to timely breach notification as described in §14.

10 / Your rights

Depending on where you live, you may have rights in relation to your personal data, including the right to:

  • Access the personal data we hold about you and receive a copy.
  • Correct inaccurate or incomplete data.
  • Have your data deleted (the "right to erasure").
  • Restrict or object to certain processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data-protection authority.

If you are a customer of a Shopify merchant using Repley, please contact that merchant directly to exercise your rights. The merchant is the controller of your data; we will assist them in fulfilling your request. If the merchant is unresponsive, you may also contact privacy@repley.io and we will support the request to the extent permitted by law.

Residents of California, Colorado, Connecticut, Virginia and similar US states: you have equivalent rights under applicable state privacy law (e.g. CCPA/CPRA, CPA, CTDPA, VCDPA). We do not "sell" personal information as defined in those laws.

11 / Shopify data-subject requests

The App implements the three mandatory Shopify data-protection webhooks:

  • customers/data_request, triggered when a merchant's customer requests the data we hold about them. We return the data associated with that customer within 30 days of the request.
  • customers/redact, triggered when a merchant's customer requests erasure. We delete the customer's personal data from our production systems within 30 days, subject to any legal retention obligations.
  • shop/redact, triggered 48 hours after a merchant uninstalls Repley. We delete the tenant's data from our production systems.

All three webhooks are HMAC-verified with the app's signing secret and logged for auditability.

12 / Cookies and tracking

The App itself uses only strictly-necessary session tokens, there is no advertising, analytics or cross-site tracking inside the App. On our marketing website at repley.io, we may use first-party analytics cookies to understand aggregate traffic. We do not use advertising cookies or similar trackers on that website. Where required by law we will show a cookie banner and honour your choices.

13 / Children's privacy

Repley is a business-to-business service intended for use by Shopify merchants operating in a commercial capacity. The App is not directed at children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.

14 / Security incidents

If we become aware of a security incident that has led, or is reasonably likely to lead, to unauthorised access to personal data, we will notify affected merchants without undue delay and, where required by law, within the timeframes specified (typically 72 hours for controllers under the GDPR). Merchants remain responsible for notifying their own customers where the affected data relates to those customers.

15 / Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, sub-processor list, or for other operational reasons. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify merchants by email or in-App. Continued use of the App after a change constitutes acceptance of the updated policy.

16 / Contact

TimeFuser LTD
Voukourestiou 25, NEPTUNE HOUSE, 1st floor, Flat/Office 183
3045 Limassol, Cyprus
Company number HE480325
Email: privacy@repley.io
Website: https://repley.io

TimeFuser LTD · Limassol, Republic of Cyprus · privacy@repley.io

Version 1.0 · Effective and last updated 20 April 2026.