Privacy Policy
Last updated: January 21, 2026
Privacy Policy
This Privacy Policy describes how OneInbox Reviews ("we", "us", or "our") collects, uses, and handles your personal information when you use our services.
Information We Collect
We collect information that you provide directly to us, including:
- Account information: Name, email address, and profile picture
- Authentication data: OAuth tokens for connected services (Google)
- Review data: Reviews synced from your connected Google Business Profile
- Billing information: Name, address, and payment details (processed by our payment provider)
- Communications: Messages you send us through our contact form
How We Use Your Information
We use the collected information to:
- Provide, maintain, and improve our services
- Sync and display your business reviews
- Send email alerts for new reviews (if enabled)
- Process payments and manage subscriptions
- Communicate with you about your account
- Ensure security and prevent fraud
- Comply with legal obligations
Data Storage and Security
- All data is encrypted in transit using TLS/SSL
- Data is stored on secure servers with industry-standard protections
- We implement access controls and regular security audits
- Passwords are hashed using bcrypt
Data Retention
- Active accounts: Data is retained while your account is active
- Deleted accounts: After account deletion, data is retained for 30 days (grace period) then permanently deleted
- Review data: Subject to your plan's retention policy (30-365 days depending on plan)
Your Rights (GDPR)
You have the right to:
- Access: View and download all your personal data via Settings > Profile > Export My Data
- Rectification: Edit your profile information at any time
- Erasure: Delete your account and all associated data via Settings > Profile
- Portability: Export your data in a machine-readable format (JSON)
- Object: Opt out of email alerts and marketing communications
- Withdraw consent: Disconnect integrations and revoke access at any time
Third-Party Services
We use the following third-party services that may process your data:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Google OAuth | Authentication & review sync | Google Privacy Policy |
| DodoPayments | Payment processing | DodoPayments Privacy Policy |
| Resend | Transactional emails | Resend Privacy Policy |
| Vercel | Hosting & analytics | Vercel Privacy Policy |
| Sentry | Error tracking | Sentry Privacy Policy |
| Upstash | Rate limiting | Upstash Privacy Policy |
Cookies
We use essential cookies for:
- Authentication session management
- Security (CSRF protection)
- User preferences (theme)
We do not use tracking or advertising cookies.
International Transfers
Your data may be processed in countries outside your residence. We ensure appropriate safeguards are in place for any international data transfers.
Children's Privacy
Our services are not intended for children under 16. We do not knowingly collect data from children.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through our service. The "Last Updated" date at the top indicates when changes were last made.
Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
- Email: support@oneinbox.reviews
- Contact form: Contact Us
For GDPR-related inquiries, you may also contact your local data protection authority.