Privacy policy

The generator is designed to work without an account and without saving your personal details to a database by default. The information you type into the form is used to assemble an editable message in your browser.

If you copy, download, print, or open your email app, your browser, device, operating system, email provider, or chosen app may process that content according to their own policies.

The current version does not use advertising cookies or third-party tracking cookies. It uses local browser storage to remember whether you acknowledged the privacy notice.

Local storage stays on your device unless you clear it. Clearing browser site data may reset the notice.

Do not enter Social Security numbers, passwords, PINs, bank-login details, full bank account numbers, full debit or credit card numbers, or other highly sensitive information.

If an identifier is helpful, use only limited identifiers such as a company reference number or the last four digits of a bank account or card. The dedicated last-4 fields are designed to accept four digits only.

The company directory contains public company names, public contact routes, source links, tags, and public service-signal labels gathered from public pages or seeded directory data.

Public source data may be incomplete, outdated, or incorrect. Verify recipient information directly before sending any message.

If RecordReply Plus cloud sync is used, saved features may store profile details such as email address, phone number, mailing address, and preferred signature, plus saved drafts, request history, reminders, downloaded packet metadata, reply or screenshot records, saved companies, and optional payment-method last-four values.

Cloud profile and record uploads are routed through server-side RecordReply endpoints and stored in private Vercel Blob storage when configured.

Plus storage should not collect or store Social Security numbers, passwords, PINs, full bank account numbers, full debit or credit card numbers, or bank-login details.

If future versions add full authentication, server-side generation, email sending, or integrations, those features should receive a separate privacy review before launch.

Any production version should clearly document what is collected, why it is collected, how long it is retained, and how users can request deletion or support.

This privacy page is starter product language, not a substitute for legal review. Before launch, confirm the final policy matches the actual hosting, analytics, payments, support, logging, and retention practices.