Privacy Policy
Effective: [TO BE FILLED IN BEFORE PUBLISH] · Last updated: [TO BE FILLED IN]
ReviewPilot (“ReviewPilot,” “we,” “us”) is operated by Togtuun LLC (“Company”). This Privacy Policy explains what information we collect, how we use it, and the choices you have.
1. Who we are
ReviewPilot is a SaaS tool that helps US-based medical spas respond to Google reviews and request post-visit Google reviews via SMS. Contact: support@togtuun.com.
2. Information we collect
2.1 You provide
Account info (name, email, phone, business name, address, EIN), billing info (handled by Stripe), and content you upload (client first name + phone for SMS review requests).
2.2 From Google (Google User Data)
When you connect your Google Business Profile via OAuth: profile email and name, locations, reviews (text, rating, reviewer name, timestamp), and replies you have posted. We use this only to provide the service.
2.3 Automatic
Log data (IP, user agent, timestamps) and aggregate analytics (Plausible, no cookies).
3. Google API Services User Data Policy — Limited Use
ReviewPilot’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements:
- We do not transfer Google user data to third parties except as necessary to provide or improve the service (sending review text to Anthropic to draft a reply for you).
- We do not use Google user data to serve ads.
- We do not allow humans to read Google user data unless you give explicit consent for specific messages, you uploaded the data, security investigation requires it, or law requires it.
- We do not use Google user data to develop, improve, or train generalized AI models. Anthropic, our LLM provider, is contractually bound to not train on customer data.
4. How we use information
To operate the service (read reviews, draft replies, post your approved replies, send SMS), to bill you, to email you about service updates and support, and to comply with law.
5. Subprocessors
| Vendor | Purpose | Data shared |
|---|---|---|
| Supabase | Database hosting | All app data |
| Anthropic | LLM (Claude) for reply drafting | Review text + your past replies |
| Twilio | SMS delivery | Recipient first name, phone, business name |
| Stripe | Payment processing | Email, billing info |
| Cloudflare | CDN, DNS, edge | Request metadata |
| Plausible | Site analytics | Aggregated, no personal data |
| Google Workspace | Internal email | Inbound/outbound emails to you |
We do not sell personal information. We do not share for cross-context behavioral advertising.
6. Retention
- Account data: while account is active. Deleted within 30 days of closure on request.
- Review text: cached up to 90 days for performance, then purged.
- SMS recipient phone numbers: while account is active. Deleted on opt-out within 7 days.
- Logs: 30 days.
7. Security
TLS in transit, AES-256 at rest. OAuth tokens encrypted in DB. Secrets stored in encrypted env vars. Access logging on all admin actions.
8. Your rights
Access, correction, deletion, portability. California (CCPA/CPRA), Colorado, Connecticut, Virginia, Utah residents have additional rights. To exercise any right, email privacy@togtuun.com.
9. Revoking Google access
You can revoke ReviewPilot’s access to your Google account anytime at myaccount.google.com/permissions. We will retain copies of replies already drafted for 30 days then delete.
10. SMS
SMS goes only to numbers you provide for the service you signed up for. Recipients can reply STOP to opt out, HELP for help. STOP/HELP are honored automatically and the recipient is suppressed within minutes.
11. Children
ReviewPilot is not directed to anyone under 18.
12. International transfers
Our infrastructure is in the US. If you’re accessing from outside the US, your data is processed in the US.
13. Changes
We notify you of material changes by email at least 30 days before they take effect.
14. Contact
General: support@togtuun.com · Privacy: privacy@togtuun.com