Privacy Policy

Successential (“we”, “us”, “our”) operates the Review Response AI website and tool (the “Service”). We respect your privacy and process personal data in accordance with the UK GDPR and the Data Protection Act 2018.

Contact & Controller
Company: Successential
Address: [Add postal address]
Email: support@successential.com

• Usage data: page views, feature actions (e.g., Generate/Upgrade), device/browser info, approximate region.
• Content you provide: review text you paste, tone/preset selections, feedback you submit.
• Billing data (Premium): processed by Stripe (name, email, payment method, billing address). We do not store card numbers.
• Account/identifiers: if you use tokens or email to save history, we store the identifier and your saved threads/presets.
• Support: messages you send us (e.g., email support).
• Cookies/local storage: we use local storage for in-tool settings; essential cookies may be set by our host/Stripe. Privacy-friendly analytics (if enabled) may set non-essential cookies.

• Provide the Service (generate responses, save history): contract.
• Billing & fraud prevention: contract and legitimate interests.
• Analytics & product improvement: legitimate interests (you may opt out of non-essential analytics where offered).
• Legal compliance: legal obligation.
• Marketing emails (if expressly opted in): consent.

To generate replies, we send your review text and selected options to our AI provider(s) to create suggested responses. We currently use one or more of: OpenAI for model inference, and may use compatible providers in the future. We do not use your review content to train our own public models.

We use trusted vendors to deliver the Service. Key providers include:

• Stripe — payments and billing.
• Vercel (or equivalent host) — site/app hosting & serverless.
• OpenAI — AI inference.
• Supabase (if enabled) — database/storage for saved threads/admin.
• Analytics (if enabled) — privacy-friendly usage analytics.

Some providers may process data outside the UK/EEA under appropriate safeguards (e.g., SCCs).

• Saved responses/history: retained until you delete them or as needed to provide the Service.
• Billing/transaction records: per legal/tax requirements (typically 6–7 years in the UK).
• Analytics logs: typically 12–24 months (or shorter if configured).
• Support emails: for the time needed to address your request and maintain records.

You have the right to request access, correction, deletion, restriction, or portability of your personal data, and to object to processing based on legitimate interests. Where we rely on consent, you may withdraw it at any time.

To exercise rights, email support@successential.com. You can also complain to the UK ICO: ico.org.uk.

We use industry-standard measures (HTTPS/TLS, access controls, least-privilege, encrypted payment processing via Stripe). No system is 100% secure; if we become aware of a breach impacting you, we will notify you where required.

The Service is not directed to children under 16, and we do not knowingly collect their personal data.

We may update this policy from time to time. We will post the revised version here and update the “Effective date.”

Email: support@successential.com
Address: [Add postal address]