Privacy Policy

Last updated: April 15, 2026

1. Who We Are

Reply in DM ("we", "us", "our") is a comment-to-DM automation service operated at replyindm.com. This policy explains how we handle your information when you use our website and service.

2. What We Collect

  • Account information— when you sign up we collect your name, email address, and profile picture from the social platform you connect.
  • Social media data— we access your public posts and incoming comments through Meta’s official APIs so we can deliver auto-replies on your behalf.
  • Rules, messages, and broadcasts— the reply rules you create, the message content you configure, and the broadcasts you schedule are stored so the service can function.
  • Subscriber data— when a person subscribes to one of your lists (by tapping the Subscribe button we send them in a DM), we store their platform user ID, the name Meta provides, the list(s) they joined, and the time of opt-in. We also store opt-out events when they reply STOP or tap an Unsubscribe button. This data belongs to you, the account owner, and is processed on your behalf.
  • Usage data— we log basic analytics like page views and feature usage to improve the product. We do not use third-party trackers.

3. How We Use Your Data

We use the data we collect to:

  • Provide and operate the auto-reply service.
  • Send DMs on your behalf when your rules are triggered.
  • Deliver broadcast messages to subscribers who have opted in to your lists.
  • Honor opt-out requests (e.g. STOP replies, Unsubscribe button taps).
  • Display activity and analytics on your dashboard.
  • Send you important service-related emails (e.g., account issues or policy changes).
  • Improve and develop new features.

We do not sell or rent your personal information to third parties.

4. If You’re a Subscriber

If you received a DM from a Reply in DM customer and subscribed to one of their lists, here’s what you should know:

  • You subscribed by actively tapping a Subscribe button in a direct message. Your platform user ID, display name, and the list you joined are stored by the account owner who sent you that message.
  • You can unsubscribe at any time by replying STOP in the same conversation, or by tapping an Unsubscribe button in any broadcast.
  • The account that messaged you is the data controller for your subscriber data. Reply in DM processes that data on their behalf. If you want your data deleted entirely, you can either unsubscribe and ask the account owner to delete it, or contact us using the form below and we will forward your request.

5. Third-Party Services

We integrate with Meta (Instagram and Facebook) through their official APIs. When you connect your account, Meta’s own Privacy Policy also applies. We use Firebase (Google Cloud) for authentication and data storage; data is processed in the EU (europe-west3).

6. Data Storage and Security

Your data is stored on Google Cloud infrastructure within the European Union. We use encryption in transit (TLS) and at rest. Access to production systems is restricted to authorized personnel only.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we remove your personal data, stored rules, subscriber lists, and broadcasts within 30 days. Aggregated, anonymized analytics data may be kept longer. When an individual subscriber opts out, their entry is removed from the active list immediately; a record of the opt-out event may be retained to prevent them from being accidentally re-added.

8. Your Rights

Depending on your location, you may have the right to:

  • Access and receive a copy of the data we hold about you.
  • Correct inaccurate information.
  • Request deletion of your account and data.
  • Object to or restrict certain data processing.
  • Withdraw consent at any time by disconnecting your social accounts.

To exercise any of these rights, please use the contact form below.

9. Cookies

We use essential cookies to keep you logged in and to remember your preferences. We do not use advertising cookies. Analytics cookies are only used with your consent where required by law.

10. Children

Reply in DM is not intended for anyone under the age of 13 (or the minimum age required in your country). We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we’ll notify you by email or by placing a notice on our website before the change becomes effective.

12. Contact Us

If you have any questions about this Privacy Policy or want to exercise your data rights, please use the form below.