Privacy Policy

Last updated: March 10, 2026

Reapre ("we", "us", "our") operates the website reapre.io and the Reapre automation platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Name - to identify your account
Email address - for authentication and communication
Password - stored as a salted cryptographic hash (we never store plaintext passwords)

1.2 Billing Information

Payment processing is handled by Paddle.com, our Merchant of Record. We do not directly collect or store credit card numbers, bank account details, or other payment instrument data. Paddle collects and processes your payment information in accordance with their own privacy policy. We receive from Paddle:

Paddle customer ID
Subscription status and plan details
Transaction history (amounts, dates)

1.3 Usage Data

We automatically collect information about how you use the Service:

API requests (command type, timestamp, response status, duration)
IP addresses used to access the Service
Browser and device information from the dashboard

1.4 API and Automation Data

When you use the browser automation API, we process command data (such as URLs, selectors, and action parameters) necessary to execute your requests. We do not store the content of web pages you access through the automation. Command metadata (type, status, timing) is logged for analytics and debugging purposes.

2. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Process transactions and manage your subscription
Send transactional emails (account verification, billing receipts, security alerts)
Monitor usage for rate limiting and abuse prevention
Generate aggregated, anonymized analytics to improve our platform
Respond to support requests
Comply with legal obligations

3. Payment Processing & Merchant of Record

All payments are processed by Paddle.com Market Limited (for customers outside the US) or Paddle.com Inc. (for US customers), acting as our Merchant of Record. This means Paddle is the entity that sells the Service to you and handles all payment processing, sales tax, VAT, and invoicing.

For payment-related privacy inquiries, please also refer to Paddle's Privacy Policy.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

Paddle - our payment processor and Merchant of Record, to process subscriptions and transactions
Service providers - hosting and infrastructure providers who assist in delivering the Service, bound by data processing agreements
Legal requirements - when required by law, regulation, or legal process
Business transfers - in connection with a merger, acquisition, or sale of assets (you would be notified)

5. Data Retention

We retain your account data for as long as your account is active. Usage logs are retained for up to 90 days for analytics purposes. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

6. Data Security

We implement industry-standard security measures including:

TLS/SSL encryption for all data in transit
Cryptographic hashing for passwords (bcrypt with salt)
API key authentication with revocation capabilities
Rate limiting and abuse detection
Regular security reviews

No method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Cookies

Our dashboard uses essential cookies and local storage for authentication (JWT tokens). We do not use third-party tracking cookies or advertising pixels on our platform. Paddle may use cookies during the checkout process as described in their privacy policy.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

Access - request a copy of the personal data we hold about you
Rectification - request correction of inaccurate data
Erasure - request deletion of your personal data
Portability - receive your data in a structured, machine-readable format
Restriction - request restriction of processing in certain circumstances
Objection - object to processing based on legitimate interests

To exercise any of these rights, contact us at [email protected].

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for any international transfers in compliance with applicable data protection laws.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: [email protected]

Website: https://reapre.io