Privacy Policy

Last Updated: February 13, 2026

Introduction

Welcome to Echo ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our review management platform.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, company name, phone number
• Billing Information: Credit card details (processed securely through our payment processor)
• Profile Data: User preferences, settings, profile pictures
• Business Information: Company details, locations, products

1.2 Information We Collect Automatically

• Usage Data: How you interact with our platform, features used, time spent
• Device Information: IP address, browser type, operating system
• Cookies: We use cookies to enhance your experience

1.3 Information from Third Parties

• Review Data: Reviews from Google, Facebook, Trustpilot, Shopify, App Store, Play Store
• CRM Data: Customer information from your connected CRM
• OAuth Data: Basic profile information when you connect integrations

2. How We Use Your Information

We use your information to:

• Provide and improve our review management services
• Aggregate and display reviews from connected platforms
• Generate AI-powered response suggestions
• Send email notifications and campaigns
• Process payments and prevent fraud
• Provide customer support
• Comply with legal obligations

3. Data Sharing

3.1 We Share Data With:

• Service Providers: Payment processors (Stripe), email service (Resend), AI providers (OpenAI)
• Review Platforms: When you respond to reviews through our platform
• Your CRM: When you enable CRM sync features

3.2 We Do NOT:

• Sell your personal data to third parties
• Share your data for advertising purposes
• Use your review data to train AI models for other customers

4. Data Security

We implement industry-standard security measures:

• Encryption: All data is encrypted in transit (TLS) and at rest
• Access Controls: Role-based permissions limit data access
• Authentication: Secure OAuth 2.0 for third-party integrations
• Infrastructure: Hosted on secure, SOC 2 compliant servers (Supabase)

5. Data Retention

• Account Data: Retained while your account is active
• Review Data: Retained per your subscription plan
• Deleted Accounts: Data deleted within 30 days of account closure
• Backups: Retained for 90 days for disaster recovery

6. Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete data
• Deletion: Request deletion of your data ("right to be forgotten")
• Portability: Export your data in a machine-readable format
• Opt-Out: Unsubscribe from marketing emails

To exercise these rights, contact us at privacy@splocket.com

7. Cookies

We use cookies for:

• Essential: Authentication, security, preferences
• Analytics: Understanding how you use our platform
• Functionality: Remembering your settings

You can disable cookies in your browser, but this may affect functionality.

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place (Standard Contractual Clauses).

9. Children's Privacy

Our services are not intended for individuals under 18. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy periodically. We'll notify you of significant changes via email or platform notification.

11. Contact Us

For privacy questions or concerns:

• Email: privacy@splocket.com
• Support: https://echo.splocket.com/support

12. GDPR Compliance (EU Users)

Legal Basis for Processing

• Contract: To provide our services
• Consent: For marketing communications
• Legitimate Interest: To improve our platform and prevent fraud

13. CCPA Compliance (California Users)

California residents have additional rights:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information (we don't sell your data)
• Right to non-discrimination

To exercise CCPA rights, email: ccpa@splocket.com

Effective Date: February 13, 2026
Company: Splocket, Inc.
Product: Echo by Splocket