Privacy Policy

Privacy Policy

Privacy Policy

1. Introduction

This Privacy Policy (“Policy”) applies to all visitors and users of the website basereply.com (the “Website”) and the services provided by BaseReply (“we”, “us”, “our”). By accessing or using our Website or services, you acknowledge that you have been informed of and consent to our practices concerning your personal information and data as described in this Policy.


2. Who we are & contact details

BaseReply is operated by mariano Martene] with registered as Portugal. If you have any questions or concerns about how we handle your personal data, you may contact us at hello@basereply.com.


3. Data Protection Roles & Scope

When you use BaseReply’s service:

  • If you are a business-customer using our platform to manage your end-users’ conversations, you act as the “controller” of that data; we act as processor and will process the data only under your documented instructions and our contractual terms.

  • If you are a visitor to our Website or otherwise interact directly with us (for example by contacting us, registering, or subscribing), then we act as the controller of your personal data.


4. Information We Collect & Why

We collect and process the following categories of information:

  • Account & billing data – when you register with us or purchase our service: name, company name, email, billing address, payment information (processed via third-party payment processors).

  • Service usage & conversation data – for business-customers, the messages (and attachments) and metadata from integrated channels (e.g., chat sessions, timestamps, sender/recipient identifiers) that you or your end-users generate via our platform.

  • Technical & usage data – IP address, browser type/version, device OS, referral/landing page, pages visited, date/time stamps, other metadata for security, diagnostics and product improvement.

  • Support & customer service data – communications you send to us (emails, tickets, chat), including any content you provide in such communications.

    We do not intentionally collect special categories of personal data (such as health, biometric, racial/ethnic origin). If you upload or include such data through our service, you are responsible for ensuring appropriate legal basis applies.


5. Legal Bases for Processing & Purposes

We process personal data on one or more of the following legal bases:

  • Performance of a contract – to provide and administer your account and service, fulfill our contractual obligations.

  • Legitimate interests – to operate, maintain and improve our Website and service, to ensure security, to prevent fraud, and to communicate service updates (we balance these interests against your rights).

  • Consent – where required, e.g., for marketing communications or optional cookies.

  • Legal obligation – to comply with applicable laws (tax, accounting, fraud prevention, etc.).

    The purposes for which we use your data include: account registration, service delivery, billing, maintenance, analytics, customer support, marketing (with consent), legal/compliance matters.



6. How We Share & Disclose Information

We may share personal information as follows:

  • With our trusted service providers (sub-processors) acting on our behalf (e.g., hosting, backups, payment processors, analytics) — each of whom is required to maintain confidentiality and appropriate data protections.

  • With law enforcement, regulators, or other third parties where required by law or to protect our rights or the rights of others.

  • In connection with a business transaction (e.g., merger or sale) under appropriate safeguards.

    We do not rent or sell your personal information to third parties for their advertising or marketing purposes.


7. International Transfers

Because we operate in Europe and may use service providers located outside the European Economic Area (EEA), your personal data may be transferred internationally. Where such transfers occur, we ensure appropriate safeguards such as EU Standard Contractual Clauses, Binding Corporate Rules or other lawful mechanisms are in place.


8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described above, to comply with our contractual or legal obligations, to resolve disputes or enforce our agreements. When the data is no longer needed, we securely delete or anonymize it.

As a business-customer, you may request deletion of your conversation data; we will comply subject to legal obligations (e.g., tax, accounting) and contractual requirements.


9. Security

We implement technical and organisational measures to safeguard personal data from unauthorized access, disclosure, alteration or destruction. These may include encryption in transit (TLS), secure hosting infrastructure, access controls and regular security monitoring. However, no method of transmission or storage is 100% secure.


10. Cookies & Tracking Technologies

Our Website uses cookies and similar technologies for essential site functionality, analytics and (if you consent) marketing. You can manage or disable cookies via your browser settings, though doing so may limit certain features. For more information about cookies we use and your choices, see our Cookie Policy or contact us.


11. Your Rights (EU/EEA)

If you are located in Spain, Portugal, or elsewhere in the EEA, you have the following rights (subject to applicable exceptions):

  • The right to request access to your personal data we hold about you.

  • The right to request correction or update of inaccurate or incomplete data.

  • The right to request erasure (“right to be forgotten”) in certain circumstances.

  • The right to request restriction of processing.

  • The right to object to processing based on legitimate interests.

  • The right to data portability (when processing is based on consent or contract and carried out by automated means).

  • The right to withdraw consent (when applicable) without affecting processing prior to withdrawal.

  • The right to lodge a complaint with a supervisory authority (in Spain: Agencia Española de Protección de Datos (AEPD); in Portugal: Comissão Nacional de Proteção de Dados (CNPD)).

    To exercise your rights, contact us at privacy@basereply.com and we will respond in accordance with applicable law (typically within 30 days).


12. Controller/Processor Responsibilities

When you use our platform to process customer conversations, you as our customer are the data controller and must ensure you have the necessary rights/licences and legal basis to process that data. We act as your processor and process data only under your instructions and our contract. You remain responsible for your end-users’ personal data.

We are not responsible for the lawfulness of your data collection, or for your compliance as controller.


13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or our services. We will post any updated policy on our Website and revise the “Last updated” date. If changes are material, we may notify you by email (if you are a customer) or by notice on our Website.


14. Contacting Us

If you have any questions, complaints or requests regarding your personal data or this Policy, please contact us at:

Email: hello@basereply.com

If you are seeking to exercise your rights or have concerns about how we handle your data, please specify “Privacy Concern” in your subject line.