Privacy Policy

Customers — the small-business owners who sign up for and use Tim Costagliola.

End users — people whose public reviews, comments, messages, or emails our customers receive and respond to using our service. We process end-user content on behalf of, and at the direction of, our customers.

From customers: account data (name, email, credentials via Firebase Auth), organization and business profile details, brand-voice samples, billing references via Stripe (we do not store card numbers), encrypted OAuth tokens for connected platforms, and usage metering (no message content in analytics events).

From connected platforms (on your behalf): reviews, comments, direct messages, and emails directed to your business, plus author names or handles provided by the platform, so we can draft and post replies you approve.

To provide the service: learn your brand voice, draft and (with your settings) send replies, generate and schedule content, and analyze local search visibility. To meter usage and bill your subscription. To send transactional and digest emails. To secure, maintain, and improve the service in aggregate.

We do not sell personal information. We do not use your or your end users' content to train third-party AI models — see AI processing below.

We share data only with service providers needed to run the product:

• Anthropic — AI text generation
• Google Firebase / Google Cloud — authentication and file storage
• Managed Postgres (Neon or Google Cloud SQL) — application database
• Stripe — payment processing
• Firebase App Hosting (Google Cloud) — application hosting
• Inngest — background job processing
• Connected platforms you authorize (Google, Meta, and others) — per their terms

Generated text is produced by Anthropic's Claude models via API. Content sent for generation is processed to fulfill your request and is not used to train models beyond serving that request. We inject your brand voice and business facts into prompts so output sounds like you. You review AI output before it is sent unless you explicitly enable gated auto-send.

Inbound items and drafts are retained while the relevant integration is connected and are purged within 365 days after you disconnect it or delete your account.

Account and billing records are retained as required for legal and tax purposes, then deleted.

Access / correction: view and edit your data in-app or contact timcostagliola@gmail.com.

Deletion: delete your account in-app (cascades organization data and revokes connected tokens), or follow our data deletion instructions.

Email preferences: unsubscribe from non-essential email via any email footer or settings.

OAuth tokens are encrypted at rest; data is isolated per organization via row-level security; secrets and personal data are kept out of logs and analytics. No method is perfectly secure, but we follow industry-standard practices.

The service is for businesses and is not directed to children under 16. We do not knowingly collect their data.

Data may be processed in the United States. Where required, we rely on appropriate safeguards for cross-border transfers.

We may update this policy; we will post the new "Last updated" date and, for material changes, notify customers.

Tim Costagliola, 279 McBaine Ave, Staten Island, NY 10309, timcostagliola@gmail.com.