JR JustReplies Back to Home

Legal Infrastructure

Privacy Policy

Last Updated: May 26, 2026

1. Introduction

Welcome to JustReplies ("we," "our," or "us"). JustReplies operates as a streamlined software-as-a-service utility designed to help small, independent businesses manage their Google Business Profile reviews natively via SMS. We value your privacy and are committed to maintaining the absolute minimum data profile necessary to deliver our operational services.

2. Google API Disclosure & Limited Use Policy

JustReplies' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We explicitly do not sell, rent, or lease any data retrieved via Google APIs to third-party ad networks, data brokers, or data analytics companies. Google user data is accessed solely to generate review response drafts for the authenticated business owner and to publish their explicitly approved responses back to the Google Business Profile platform.

3. Data We Collect and Process

To provide our workflow utility, we collect and process the following scoped technical variables:

  • Google Business Profile Data: Upon your explicit authorization via Google OAuth, we access your location name, account ID, and metadata required to stream incoming customer reviews via secure webhooks.
  • Review Scopes: We process incoming review author names, star ratings, and text content to compile contextual AI draft responses.
  • SMS Routing Variables: We securely cache the specific mobile phone numbers authorized by the primary business owner to receive and approve incoming review drafts.

4. Human-In-The-Loop Core Functionality

JustReplies operates with an absolute Human-in-the-Loop operational constraint. No automated AI system or background process will ever write or publish data to your public Google Business Profile without explicit, active human verification. Our system strictly compiles an isolated draft, forwards it to your authorized mobile phone via SMS, and awaits your direct binary approval trigger (e.g., replying with the numeral "1") before passing the final payload back to the Google Business Profile API.

5. Data Retention and Security

We leverage enterprise-grade PostgreSQL schemas on encrypted serverless environments to maintain connection tokens. We do not store or accumulate long-term data histories of your customer reviews; once a review is processed, drafted, and verified, the transactional record is maintained purely for operational auditing, accounting logs, and transmission verification.

6. Third-Party Infrastructure Partners

To route programmatic payloads effectively, data passes securely through our vetted infrastructure layers:

  • Cloudflare: For secure, globally distributed edge computation and request filtering.
  • Twilio: For outbound SMS generation and inbound SMS webhook response parsing.
  • Supabase: For relational data storage and token isolation.

Each partner is strictly prohibited from utilizing your operational payload data for any purpose outside of executing your active transactional commands.

7. Contact Information

For questions regarding this Privacy Policy or your data isolation, contact us directly at:

Email: dan@justreplies.com