Privacy Policy
Last updated: 2026-06-13
Who we are
Auto Reply IT (the "Service") is an off-platform Fanvue application that drafts and sends Italian-language replies to messages received in a Fanvue creator's inbox, on behalf of that creator.
Controller and contacts
For the personal data we process to provide the Service, the Service Operator acts as Data Processor for the creator (who is the Data Controller of fan-related personal data) and as Data Controller for the creator's account data.
Privacy contact / DPO: dpo@your-domain.com. General support: support@your-domain.com.
Data we process
- Creator account data: Fanvue user UUID, handle, display name, OAuth access & refresh tokens (encrypted at rest with AES-256-GCM), granted scopes, app settings.
- Conversation data: text content of messages received from and sent to fans inside the creator's Fanvue inbox; the Fanvue message UUID; basic metadata (timestamp, whether the message had media, whether it was pay-to-view).
- Derived data: vector embeddings of message text used to retrieve relevant past exchanges and keep replies on-tone.
- Operational data: webhook events received from Fanvue (post-signature verification), audit log entries, error logs (without message text or tokens).
What we do NOT collect
- We never ask for or see your Fanvue password.
- We don't collect device fingerprints, advertising IDs, or location data.
- We don't use your data to train any AI model. The local LLM runs on hardware you control (your Mac); it doesn't learn from inference traffic.
Why we process this data (purposes & legal bases)
- Run the auto-reply Service for the creator (contract — Art. 6(1)(b) GDPR).
- Keep replies in the creator's tone via retrieval over past exchanges (legitimate interest of the creator — Art. 6(1)(f)).
- Security, fraud prevention, abuse mitigation, logging (legitimate interest).
- Comply with Fanvue's platform rules and legal obligations (Art. 6(1)(c)).
Retention
- OAuth tokens: until the creator disconnects, then deleted within 7 days.
- Conversation data: kept while the bot is enabled; the creator can purge from the dashboard at any time.
- Audit log: 12 months, then purged.
- On a verified deletion request (Article 17), all data tied to the creator is removed within 30 days.
Sharing & sub-processors
- Vercel Inc. — hosting of the web app (EU region).
- Supabase, Inc. — Postgres database with row-level security (EU region).
- Cloudflare, Inc. — tunnel between the app and the creator's local LLM.
- Fanvue Ltd. — the underlying platform we integrate with via OAuth.
The local LLM runs on hardware the creator controls. Message text used to draft a reply leaves the database only to be sent to that local LLM via an authenticated Cloudflare Tunnel.
International transfers
Where any sub-processor is located outside the EEA, transfers are protected by Standard Contractual Clauses (Module 2 / 3 as appropriate) and supplementary safeguards.
Security
- HTTPS-only, HSTS, strict security headers.
- OAuth tokens encrypted at rest (AES-256-GCM); per-app keys.
- Webhook signatures verified on every request; timing-safe HMAC comparison.
- Least-privilege scopes: read:self, read:chat and write:chat only.
- Row-level security in the database; no anonymous reads.
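The webhook check described above, as an added illustration that is not the Service's own code: the handler recomputes an HMAC over the raw request body and compares it to the signature header with a timing-safe comparison before the event is parsed. Fanvue's real header name, signature encoding and secret are not stated on this page, so the hex-encoded HMAC-SHA256 format, the shared secret and the sample event below are all assumptions constructed for the example.

```python
import hashlib
import hmac
import json
from typing import Optional, Tuple

# Hypothetical shared secret for the example; a real deployment would load
# this from a secrets store, never from source code.
WEBHOOK_SECRET = b"constructed-example-secret"


def sign_payload(raw_body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Hex HMAC-SHA256 over the exact bytes of the request body (sender side)."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_webhook(raw_body: bytes, signature_header: Optional[str],
                   secret: bytes = WEBHOOK_SECRET) -> bool:
    """Return True only if the header carries a valid HMAC for raw_body.

    The MAC is computed over the raw bytes as received, not over a
    re-serialised JSON object: any re-encoding changes the bytes and
    would break verification on legitimate requests.
    """
    if not signature_header:
        return False
    try:
        provided = bytes.fromhex(signature_header.strip())
    except ValueError:
        # Malformed (non-hex) signature: reject without comparing.
        return False
    expected = hmac.new(secret, raw_body, hashlib.sha256).digest()
    # compare_digest takes time independent of where the two values first
    # differ, so an attacker cannot learn the MAC byte-by-byte from timings.
    return hmac.compare_digest(expected, provided)


def handle_webhook(raw_body: bytes,
                   signature_header: Optional[str]) -> Tuple[int, Optional[dict]]:
    """Minimal handler: verify first, parse second. Returns (status, event)."""
    if not verify_webhook(raw_body, signature_header):
        return 401, None
    event = json.loads(raw_body)
    return 200, event


# Constructed sample event mirroring the metadata the policy lists
# (message UUID, timestamp, media flag, pay-to-view flag). Placeholder values.
SAMPLE_EVENT = json.dumps(
    {
        "type": "message.received",
        "message_uuid": "00000000-0000-4000-8000-000000000000",  # placeholder
        "timestamp": "2026-06-13T10:00:00Z",
        "has_media": False,
        "pay_to_view": False,
    },
    separators=(",", ":"),
).encode("utf-8")
SAMPLE_SIGNATURE = sign_payload(SAMPLE_EVENT)


if __name__ == "__main__":
    print(handle_webhook(SAMPLE_EVENT, SAMPLE_SIGNATURE)[0])          # 200
    print(handle_webhook(SAMPLE_EVENT + b" ", SAMPLE_SIGNATURE)[0])   # 401 (body altered)
    print(handle_webhook(SAMPLE_EVENT, "not-hex")[0])                 # 401 (malformed)
```

The order matters: nothing from the body is parsed or logged until the signature has been verified, so a forged or tampered request is rejected before it can reach the conversation store or the audit log.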
Your rights
Access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with your supervisory authority. Use the dashboard or write to dpo@your-domain.com.
Children
The Service is for adult users only. We do not knowingly process data of minors.