NorthReply

Privacy Policy

Last updated: May 9, 2026

NorthReply ("we", "our", or "us") operates the NorthReply live-chat platform. This Privacy Policy explains what information we collect, how we use it, and your rights with respect to that information. By using our service you agree to the practices described here.

1. Information We Collect

We collect information in the following categories:

  • Account information. When you register, we collect your name, email address, workspace name, and a hashed password.
  • Chat transcripts. Messages sent through the NorthReply widget are stored so your team can read and respond to them.
  • Usage data. We log page views, feature interactions, and performance metrics to improve the product.
  • Billing information. Payments are processed by our payment provider. We store only non-sensitive billing metadata (plan tier, billing status, subscription identifiers).
  • Cookies and local storage. We use session cookies for authentication and small browser storage tokens to maintain widget state across page loads.

2. How We Use Your Information

  • Provide, operate, and maintain the NorthReply service.
  • Authenticate users and enforce account security.
  • Process billing and send plan-related notifications.
  • Send transactional emails (email verification, password reset, usage alerts).
  • Diagnose technical issues and improve reliability.
  • Comply with applicable legal obligations.

We do not sell your personal information to third parties.

3. Data Retention

We retain account data for as long as your account is active. Chat transcripts are retained for the duration of your subscription. You may request deletion of your account and associated data at any time by contacting us. Upon account deletion we will remove your personal data within 30 days, except where retention is required by law.

4. Third-Party Services

We use the following third-party services which may process data on our behalf:

  • Payment processing. Billing is handled by a PCI-compliant payment provider. Your full card details never touch our servers.
  • Real-time messaging. Live chat messages are delivered over WebSockets. Connection metadata is transient and not stored beyond the session.
  • Email delivery. Transactional emails are sent via our email infrastructure provider.

5. Security

We use industry-standard safeguards including TLS encryption in transit, hashed passwords, and scoped database access. No system is perfectly secure — if you discover a vulnerability, please contact us immediately.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Receive a portable copy of your data.
  • Object to or restrict certain processing.

To exercise any of these rights, email us at the address below.

7. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, where the changes are material, notify you via email or an in-app notice.

8. Contact

Questions about this policy? Reach us at [email protected].