Legal

Privacy Policy

Last updated: 16 April 2026

We built Voiser AI Reply to save you time on review replies — not to harvest your data. This page explains exactly what we collect, why, and what we never do with it. If anything here is unclear, email us at privacy@voiser.ai.

1. Who we are

Voiser AI Reply ("the Service", "we", "our") is operated by Voiser, headquartered in İstanbul, Türkiye. For the purposes of the GDPR, we are the data controller of the personal data described in this policy.

Contact:
Email: privacy@voiser.ai
Parent site: voiser.ai

2. Data we collect

We only collect what is necessary to provide the Service. Specifically:

2.1 Account data

• Free Trial users: a device identifier (a UUID generated by the Chrome extension and stored locally). No email, name or payment information is required.
• Paid users: email address, plan tier, hashed API key, credits balance, usage totals.

2.2 Product data you provide

• App metadata you register: app name, platform (Google Play or Apple App Store), the store's internal app ID, and the app's icon URL.
• Review text of the specific review you are replying to — sent to our AI provider to draft a response, never stored long-term on our servers beyond the request log required for debugging.
• Knowledge-base inputs you upload: CSV files of past reviews and replies, FAQ text, free-form brand guidelines. Used exclusively to build your Master Guide.
• The AI-generated reply itself plus your edits if you save feedback.

2.3 Operational data

• Per-request logs: timestamp, endpoint, token counts, latency, status. Used for billing accuracy and debugging.
• Error traces when something goes wrong server-side.
• Chrome extension device fingerprint (device UUID + coarse user-agent string) — to attach your trial usage to a stable identity without requiring signup.

2.4 Data we do NOT collect

• We never read reviews or app metadata outside the specific page you are looking at in Play Console or App Store Connect.
• We do not read your browsing history, cookies from other sites, or content from other Chrome tabs.
• We do not collect biometric data, precise location, or financial account numbers.
• We do not use analytics cookies by default. If we enable analytics in the future, this policy will be updated and you will be asked to consent.

3. How we use your data

Your data is used only for the following purposes:

• Providing the Service: drafting, translating and refining review replies; building and serving your private Master Guide; applying your per-app tone and instructions.
• Billing: tracking usage against your plan quota and credits.
• Security and fraud prevention: rate-limiting, abuse detection, incident response.
• Customer support: responding to your emails, reproducing bugs you report.
• Product improvement: aggregate, anonymized performance metrics (e.g. "replies per day across all customers"). Never your individual reviews or replies.

4. AI provider disclosure

Voiser AI Reply uses third-party AI providers to generate review replies. Currently we support Anthropic Claude and Google Gemini. When you generate a reply, the following is sent to the provider:

• The specific review text (and rating) you are replying to.
• Your app's Master Guide (brand voice distilled from your uploaded data).
• Your reviewer-name personalization if provided.
• The target language.

The AI provider returns the generated reply to us, and we forward it to your browser. We configure our AI providers with enterprise-tier agreements that prohibit training on our API data. Anthropic and Google Cloud both offer this configuration — your content is not used to improve their models.

Providers' own privacy policies: Anthropic, Google Cloud.

5. Data retention

• Reviews sent for reply generation: not stored. Held only in transit logs (90 days max, for debugging), then deleted.
• Generated replies: stored only if you explicitly mark them "promote to guide" via Smart Feedback. Otherwise not retained.
• Uploaded CSVs and knowledge base inputs: retained for the lifetime of your account so your Master Guide keeps working. Deleted within 30 days after account deletion or upon request.
• Usage logs: 12 months for billing and abuse records.
• Account data: retained while your account is active; deleted within 30 days of closure unless we have a legal obligation to keep it.

6. Your rights

Under the GDPR, UK GDPR, CCPA and similar laws, you have the right to:

• Access the data we hold about you.
• Correct inaccurate data.
• Delete your data ("right to be forgotten").
• Export your data in a portable format (JSON).
• Restrict processing in certain cases.
• Object to processing based on legitimate interests.
• Withdraw consent at any time where processing is based on consent.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email privacy@voiser.ai. We respond within 30 days.

7. International transfers

Our servers are located in Türkiye and the EU. AI provider calls may route through the United States. Where personal data is transferred outside your jurisdiction, we rely on the European Commission's Standard Contractual Clauses (SCCs) or equivalent safeguards.

8. Security

We take reasonable measures to protect your data:

• All traffic over HTTPS (TLS 1.2+).
• Passwords and API keys stored as one-way hashes (bcrypt / SHA-256).
• Database access restricted to authenticated application servers, never public.
• Per-customer data isolation — your knowledge base cannot be queried by any other user.
• Admin panel protected by session cookies with HttpOnly + SameSite + CSRF tokens.

No security measure is perfect. If we become aware of a breach affecting your data, we will notify you within 72 hours as required by GDPR.

9. Cookies

We use a single essential session cookie (voiser_admin) for the admin panel only. No third-party tracking, no advertising cookies. If we add analytics in the future, we will ask for your consent first and update this page.

10. Children

Voiser AI Reply is intended for professional app developers and is not directed at anyone under 16. We do not knowingly collect data from children.

11. Changes to this policy

We will update this page when our practices change and bump the "Last updated" date at the top. For material changes, we will additionally email registered users at least 30 days before the change takes effect.

12. Contact

Questions, requests, or concerns: privacy@voiser.ai