Plain Language Privacy Policy

We're a small two-person newsletter service that collects basic information to help you manage your newsletters.

We use first-party analytics to improve our own service. We also rely on standard advertising tools to find new customers.

We don't sell your data in the traditional sense.

We protect your information using industry standards. You have control over your data and can always ask us to delete it.

If you received an email from us, it's because you subscribed on our website or logged in to our app. We respect your inbox.

We sometimes reach out via DM on social platforms if your profile is public and we think our service might genuinely help you. If that's unwelcome, just let us know.

This policy explains all this stuff in detail. Plus your specific rights if you're in Europe or California. When you use our service you agree to this policy.

We use your data to provide and improve our newsletter management services.

Key terms

Throughout this document, capitalized terms have specific meanings that apply in both singular and plural forms:

• Account: Your personal access to our service
• Affiliate: Company with shared control (50%+ voting shares)
• Application: Reply Two software you download
• Company: Reply Two by Ambreen Dar ("We," "Us," "Our")
• Cookies: Small files placed on your device that track website activity
• Country: United States
• Device: Any computer, phone, or tablet that connects to our service
• Personal data: Information that identifies you or could be linked to you
• Service: Our application, website, or both
• Service provider: Third parties who process data for us
• Usage data: Automatically collected information about how you use our service
• Website: Reply Two at https://replytwo.com
• You: Person or company using our service

Legal frameworks

We comply with multiple privacy regulations:

• GDPR: EU General Data Protection Regulation. Under GDPR, we're the Data Controller and you're the Data Subject.
• CCPA/CPRA: California Consumer Privacy Act as amended by California Privacy Rights Act of 2020. Under these laws, we're the Business and California residents are Consumers.

Collecting and using your personal data

We collect different types of information to provide our newsletter management service. This helps us understand your needs and improve our platform.

Types of data collected

When you use Reply Two, we collect several categories of data. Each type serves a specific purpose in helping us serve you better.

Personal Data

When you use Reply Two, we may ask for certain information that can identify you. This helps us provide and improve our newsletter service. This data may include:

• Email address
• First name and last name
• Phone number
• Address details (including state, city, zip code)
• Usage data

We're a small two-person agency, not a monster corporation. We collect only what we need to serve you better.

Usage data

Our service automatically collects some information when you visit our website or use our app. This happens in the background and helps us understand how people use Reply Two.

This might include:

• Your IP address
• Browser type and version
• Which pages you visit
• When you visited
• How long you stayed
• Device information

For mobile users we might also collect:

• Your device type
• Device ID
• Operating system
• Browser type
• Technical diagnostics

We use Posthog for first-party analytics. This means we keep your data to ourselves.

Social media and login connections

We offer simplified sign-in through these OAuth providers:

• Google
• Apple
• Discord

If you choose to sign in this way we'll collect basic information already associated with your account.

Such as your:

• Name
• Email address
• Basic profile information

We also maintain accounts on several social platforms:

• Facebook
• Instagram
• X (formerly Twitter)
• LinkedIn
• TikTok
• Youtube
• Threads
• Pinterest
• Reddit
• Bluesky

When you interact with our social accounts, those platforms may collect data according to their policies. We use these networks to share updates and connect with customers, not because we're trying to be everywhere but because different customers prefer different platforms.

Tracking technologies

We use various technologies to improve our service and understand how you use it. These include:

Cookies

Cookies are small files stored on your device that help us provide a better experience. We use both temporary (Session) and longer-lasting (Persistent) cookies.

Our cookies serve different purposes:

• Essential cookies help you access and use basic features. Without these, our service won't work properly.
• Preference cookies remember your settings and choices to create a more personal experience.
• Analytics cookies help us understand how people use our service so we can make it better.
• Marketing cookies track your activity across websites to show you relevant ads. These are from our advertising partners.

Your browser lets you control cookies. You can block or delete them, but this might affect how some features work.

Other Tracking Methods

We also use web beacons (tiny images) in some emails and pages to learn if you've opened or viewed our content.

These technologies help us:

• Count visitors
• See which pages are popular
• Track email engagement
• Verify our systems work correctly

All tracking follows the same privacy standards as the rest of our service.

Use of your personal data

As a small team, we keep data use simple. We use your information to:

• Provide our service - Help you manage your newsletters and track how well they perform.
• Run our business - Process payments, maintain accounts, and fulfill our contracts.
• Make smart improvements - Learn what works best so we can focus our limited resources.
• Target our tiny ad budget - Show our ads to people who might actually need us.
• Stay legal - Comply with regulations and handle tax requirements.

That's it. We don't have the time, interest, or resources for anything complicated.

Sharing your information

We're selective about sharing your data:

• Service providers: Companies like Stripe that process payments or PostHog for our analytics.
• Advertising platforms: We use basic targeting through platforms like Google and social networks.
• Legal requirements: If we're required by law or need to protect our rights.
• Business changes: If we sell Reply Two (though we're not planning to).

We don't sell your data in the traditional sense, period. That would require resources we don't have and would violate our principles anyway.

Data retention

We keep your data only as long as needed. This means:

• Account data stays while you use our service
• Usage data remains for shorter periods unless needed for security
• Some information stays longer to meet legal requirements

Data transfer

As a US-based company we store data on US servers. By using our service you agree to this arrangement. We take reasonable steps to protect your information regardless of location.

Deleting your data

You can request deletion of your personal data. You may:

• Delete information through your account settings
• Contact us directly to request deletion

We may need to keep some information for legal reasons but we'll explain why if that happens.

Disclosure of your data

We may share your data in limited situations:

• Business changes like a merger or acquisition
• Legal requirements from courts or government agencies
• Protection against wrongdoing fraud or security threats
• Safety concerns for users or the public

Security measures

We use industry-standard security but no internet transfer is 100% secure. We do our best to protect your information using commercially reasonable methods.

How we work with service providers

We partner with trusted companies to help run our service. They follow strict privacy practices when handling your data.

Analytics and marketing

We use analytics to understand how people use Reply Two. This helps our tiny team make smart decisions.

We send occasional emails about features and offers. Every message includes an unsubscribe link because nobody likes unwanted email.

For targeted ads we use standard platforms like Google, Meta, X and others. This helps our limited marketing budget work harder. You can opt out of personalized ads through your device settings or browser tools.

Payment processing

We don't store your payment details. When you pay us, the transaction goes through secure processing at Stripe. They handle your payment information according to industry standards.

Security measures

We use standard security tools including:

• Secure encryption
• Login protection
• Automated security scanning

Remember that while we take reasonable steps to protect your data no internet transmission is 100% secure.

Your choices

You control your data. You can:

• Opt out of marketing emails
• Disable personalized ads
• Request data deletion
• Update your preferences

GDPR privacy (for European users)

If you're in Europe, you have specific rights under GDPR. Here's what you need to know in plain language:

Legal basis for using your data

We only process your data when we have a valid reason:

• You gave permission
• We need it to provide our service
• We're following the law
• It's in your vital interest
• It serves the public good
• We have a legitimate business need

Your rights

As a European user, you can:

• Access your data
• Correct mistakes
• Object to certain uses
• Request deletion
• Transfer your data elsewhere
• Withdraw consent

How to exercise your rights

Just contact us. We'll verify your identity first to protect your privacy. We'll respond as quickly as possible.

If you're unhappy with our response, you can contact your local data protection authority.

About our social media presence

When you interact with our Facebook page, both we and Facebook handle your data. Facebook provides us anonymous statistics through their Insights tool.

For complete details on how Facebook handles data, see their privacy policy.

California privacy rights

If you live in California, you have specific privacy rights under CCPA/CPRA. Here's what you should know:

Information we collect

We collect some personal information to provide our newsletter service. In plain language, here's what we collect:

• Basic identifiers: Your name, email address, account details
• Customer records: Contact information, payment details
• Commercial information: What services you've purchased
• Online activity: How you interact with our website
• Account credentials: Login information and passwords

We do NOT collect:

• Biometric data
• Precise location
• Sensory data (audio/visual recordings)
• Employment history
• Education records
• Psychological profiles

What's not covered

Some information falls outside these rules, including:

• Public government records
• Anonymized data
• Healthcare information
• Financial data covered by other laws

Your California rights

As a California resident, you can:

• Know what data we collect
• Access your information
• Delete your data
• Opt out of data sales
• Limit use of sensitive data
• Not face discrimination for exercising these rights

We're a small team that respects your privacy. We've made this straightforward because that's how we'd want to be treated.

Where we get your information

We collect information in a few simple ways:

• Directly from you when you fill out forms or make purchases
• By observing how you use our service
• Through cookies on your device
• From our service providers who help run our platform

How we use your information

We use your data to:

• Provide our newsletter management service
• Help when you have questions or problems
• Process your payments
• Improve our service
• Comply with laws and protect security
• Detect and prevent fraud

Who we share with

To run our business, we may share some information with:

• Service providers who help us operate
• Payment processors
• Marketing and analytics partners

About "selling" your data

California law has a broad definition of "selling" data that includes sharing information with partners who show ads. Under this definition, we may technically "sell" these categories of information:

• Identifiers (like email addresses)
• Customer records
• Commercial information
• Online activity

We don't sell your data in the traditional sense. We don't make money by selling lists of customer information. But, when we use standard advertising tools, California law may consider this "selling."

Protecting minors

We don't knowingly collect or sell information from anyone under 16. If we discover we've inadvertently collected information from a minor, we'll delete it immediately.

If you believe we have information from someone under 16, please let us know.

Your California privacy rights

As a California resident, you have these specific rights:

Right to know: You can ask what information we collect, why we collect it, who we share it with, and get a copy of your specific data.

Right to delete: You can request deletion of your personal information, with some exceptions when we need to:

• Complete your transactions
• Protect security
• Fix errors
• Comply with laws
• Conduct research you've consented to
• Use internally in expected ways

Right to opt out: You can tell us not to "sell" your data (which includes sharing for advertising).

Right to correct: You can have us fix inaccurate information about you.

Right to limit sensitive data use: You can restrict how we use certain sensitive information.

Right to equal service: We won't discriminate against you for exercising these rights by:

• Denying service
• Charging different prices
• Providing lower quality service
• Suggesting you'll receive different treatment

How to exercise your rights:

1. Contact us
2. Provide information so we can verify your identity
3. Clearly describe what you're requesting

We'll respond within 45 days for free. We might need an extra 45 days sometimes, but we'll let you know.

We can only provide data from the previous 12 months. If you need your data in a portable format, we'll provide it in a usable form.

Do not sell my personal information

Under California law, "selling" data includes sharing information with partners who show ads. Though we don't sell your data in the traditional sense, some of our advertising practices might qualify as "selling" under this broad definition.

You can opt out of this data sharing:

Through our website:

• Contact us directly to opt out
• We'll process your request as quickly as possible

Through industry tools:

• Network Advertising Initiative: http://www.networkadvertising.org/choices/
• European Digital Advertising Alliance: http://www.youronlinechoices.com/
• Digital Advertising Alliance: http://optout.aboutads.info/?c=2&lang=EN

On mobile devices:

• Android: Select "Opt out of Interest-Based Ads" in settings
• iOS: Enable "Limit Ad Tracking" in privacy settings
• You can also disable location tracking in your device settings

Limiting sensitive information use

We only use sensitive personal information when necessary to provide our newsletter service. This includes account credentials needed for security.

Do Not Track signals

Our service doesn't currently respond to Do Not Track browser signals. Some third-party websites we link to might track browsing activities.

California Shine the Light law

California residents with an established relationship with us can request information about how we share personal data with third parties for their direct marketing.

Minor users in California

If you're under 18 and a California resident, you can request removal of content you've posted publicly by contacting us with your account email.

Children's privacy

Our service isn't intended for children under 13. We don't knowingly collect information from children. If we discover we've collected information from someone under 13, we'll delete it immediately.

If you're a parent who discovers your child has provided us information, please contact us.

Links to other websites

Our service may link to other websites we don't operate. If you click these links, you'll go to their sites. We recommend checking their privacy policies.

We don't control and aren't responsible for third-party content or privacy practices.

Changes to this privacy policy

We may update this policy occasionally. When we do:

• We'll post the new version here
• We'll email you and/or show a notice on our site
• We'll update the "Last updated" date

It's a good idea to review this policy regularly. Changes become effective when posted.

Contact us

If you have questions about your privacy, please reach out.