Legal & Policy

Privacy Policy

How RepliaOS collects, uses, stores, protects, and discloses information.

Last updated: May 2026

This Privacy Policy explains how RepliaOS collects, uses, stores, protects, and discloses information in connection with the RepliaOS website, application, and related services.

1. Information We Collect

We may collect the following types of information:

Account Information

  • Name
  • Email address
  • Login credentials
  • Organization affiliation
  • Role or permission level
  • Account activity metadata

Organization and Customer Data

Organizations and users may submit information into RepliaOS, including:

  • People records
  • Matter or case records
  • Notes
  • Documents
  • Meeting records
  • Deadlines
  • Tasks
  • Internal communications
  • Workflow history
  • Custom fields and metadata

Technical Information

We may collect technical information such as:

  • IP address
  • Browser type
  • Device type
  • Operating system
  • Login timestamps
  • Security logs
  • Session activity
  • Error logs
  • Usage data necessary to operate and secure the platform

Communications

If you contact us, we may collect your name, email address, message contents, and related support information.

2. How We Use Information

We use information to:

  • Provide and operate RepliaOS
  • Authenticate users
  • Manage accounts and organization workspaces
  • Store and display Customer Data
  • Provide support
  • Maintain security
  • Detect abuse or unauthorized access
  • Improve reliability and performance
  • Send service-related communications
  • Comply with legal obligations

We do not sell Customer Data.

3. Customer Data Ownership

Organizations retain ownership of their Customer Data.

We process Customer Data only as necessary to provide, secure, maintain, support, and improve the Software, or as otherwise directed by the organization or required by law.

4. Sensitive Organizational Records

RepliaOS may be used to store sensitive labor, employment, grievance, disciplinary, representation, or internal organizational records.

Organizations are responsible for determining what information is uploaded, how long it is retained, who may access it, and whether its use complies with applicable laws, contracts, and internal policies.

5. Cookies and Similar Technologies

RepliaOS may use cookies, session storage, or similar technologies to:

  • Keep users logged in
  • Protect accounts
  • Remember preferences
  • Maintain security
  • Analyze basic site or application performance

Authentication and security cookies may be necessary for the platform to function.

If analytics or tracking tools are added in the future, this Privacy Policy should be updated to describe those tools.

6. Third-Party Service Providers

We may use third-party service providers for hosting, infrastructure, file storage, email delivery, logging, monitoring, analytics, payments, security, and related operational needs.

These providers may process limited information as necessary to provide their services.

Examples may include hosting providers, object storage providers, email delivery services, payment processors, and optional Gmail-related API services depending on the active platform configuration.

7. Data Storage and Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, or disclosure.

These safeguards may include access controls, encrypted connections, private storage, role-based permissions, logging, backups, and secure infrastructure configuration.

No system can be guaranteed to be completely secure.

8. Gmail Integration and Google API Data Usage

RepliaOS may allow authorized users or organizations to connect a Gmail account using Google OAuth and Google APIs for email-related functionality.

What Google services may be connected

RepliaOS only supports Gmail-related Google integrations described on this website. RepliaOS does not claim support for Google Drive, Google Calendar, Google Workspace administration, or unrelated Google services unless those features are publicly documented separately.

What data may be accessed

When a Gmail integration is connected, RepliaOS may access only the Google account information and Gmail data needed for the configured email-related workflow, such as:

  • Basic authenticated Google account identity information
  • Email sending metadata such as sender information, recipient information, timestamps, and delivery-related context
  • Email content needed to compose, send, or support the communication workflow requested by the user or organization
  • OAuth access tokens, refresh tokens, and related authorization data required to maintain the connection securely

RepliaOS does not state or imply unrestricted access to all Gmail content or all Google account data.

How Google API data is used

Google API data is used solely to provide user-facing functionality requested by the relevant user or organization, including:

  • Authenticating Gmail integrations through Google OAuth
  • Sending communications through an authorized connected Gmail account
  • Supporting organization communication workflows that depend on the connected Gmail account

RepliaOS's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Limited Use, AI, and data handling commitments

Google API data connected through Gmail is not:

  • Sold
  • Used for advertising
  • Used for retargeting
  • Used to create advertising profiles
  • Shared except as necessary to provide the service, comply with law, protect security, or with the relevant user or organization's direction or consent
  • Used to train generalized AI or machine-learning models

Revocation, retention, and credential protection

Users may revoke Gmail access through their Google account permissions and, where available, through RepliaOS integration settings or administrator controls.

If a Gmail integration is disconnected, RepliaOS may retain limited records necessary for operational continuity, security review, audit logging, legal compliance, dispute resolution, or enforcement of agreements.

OAuth tokens and related integration credentials are treated as sensitive data and protected accordingly.

Google and Gmail are trademarks of Google LLC.

9. Data Retention

We retain information for as long as necessary to provide the Software, comply with legal obligations, resolve disputes, enforce agreements, maintain security, and support legitimate business purposes.

Organizations are responsible for their own record retention obligations and may request deletion or export of Customer Data subject to technical, legal, contractual, and operational limitations.

10. Data Deletion and Export

Organization administrators may request deletion or export of Customer Data where supported by the platform and applicable agreements.

Some information may remain in backups, logs, audit trails, or archival records for a limited period where necessary for security, legal compliance, or operational integrity.

11. Disclosure of Information

We may disclose information:

  • To provide the Software
  • To service providers acting on our behalf
  • To comply with legal obligations
  • To respond to lawful requests
  • To protect rights, safety, security, or platform integrity
  • In connection with a business transfer, merger, acquisition, or restructuring
  • With consent or direction from the relevant organization or user

12. International Users

If RepliaOS is accessed from outside the country where our infrastructure or operators are located, information may be processed in jurisdictions with different data protection laws.

Organizations are responsible for determining whether their use of the Software complies with applicable international data protection requirements.

13. Children's Privacy

RepliaOS is intended for organizational and professional use. It is not directed to children.

Users should not knowingly submit children's personal information unless they have appropriate legal authority and a valid organizational purpose.

14. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing of personal information.

Requests should be submitted through the official contact channel. Some requests may need to be handled by the organization that controls the relevant Customer Data.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last Updated” date.

16. Contact

Questions about this Privacy Policy may be directed to the official contact channel provided on the RepliaOS website.