Privacy Policy

Who we are

ReviewAnswered is operated by General Web Solutions LLC, a Delaware limited liability company located at 16192 Coastal Highway, Lewes, DE 19958, USA. In this policy, "ReviewAnswered," "we," "us," and "our" all refer to General Web Solutions LLC. You can reach our privacy team at privacy@reviewanswered.com.

ReviewAnswered is available to United States restaurants only. We do not currently accept customers outside the US, and we do not target our service to visitors from the European Union, the United Kingdom, or other jurisdictions outside the United States.

What this policy covers

This policy explains:

• What information we collect when you sign up, when we run the service for you, and when you visit reviewanswered.com.
• How we use that information, who we share it with, and how long we keep it.
• The choices and rights you have over your data, including specific rights for California residents under the CCPA.

Information we collect

Account information you give us

When you create an account, we collect:

• Your name, email address, and phone number.
• Your restaurant's name, location, website URL, and social media handles.
• Billing details processed by Stripe — we do not see or store your full card number, only the last four digits and card brand for receipts.

Connection to your Google Business Profile

During onboarding, you authorise ReviewAnswered as a manager on your Google Business Profile. This grants us:

• Read access to your incoming Google reviews — rating, text, the reviewer's public Google name, and the date.
• Write access to post replies to those reviews on your behalf.

We do not receive access to your personal Gmail, Google Drive, contacts, calendar, photos, or any other Google service. You can revoke our access at any time from your Google Business Profile settings.

Operational data we generate while running the service

• The reviews we read, the drafts our AI agents produce, the edits made during quality control, and the final responses we publish.
• Internal logs — timestamps, which agent processed each review, and quality-control outcomes — kept for service-quality and debugging purposes.
• Records of any communication you have with our support team.

Public information about your restaurant

To learn your tone of voice, we read content that is already public:

• Your restaurant's website.
• Your public Instagram and Facebook posts.
• Your existing Google and Yelp reviews and replies.
• Other publicly available review sites where your business appears.

We re-check these sources roughly once every seven days. We do not log in to any account; we only read what is publicly accessible.

Information collected automatically when you visit reviewanswered.com

Our marketing website uses two third-party analytics tools:

• Google Analytics 4 — visit counts and which pages people read.
• Microsoft Clarity — anonymised session heatmaps and click tracking.

Both tools set cookies in your browser and may collect a truncated IP address, device type, browser, referring URL, and on-page interactions. Neither is configured to identify individual visitors. We do not run third-party advertising cookies, retargeting pixels (Facebook, LinkedIn, etc.), or any tracking that follows you across other sites.

How we use your information

We use the information described above for these purposes only:

1. To run the service. Drafting, quality-checking, and publishing responses to your reviews; learning your voice; flagging sensitive reviews for your attention.
2. To bill you. Processing your $49/month subscription through Stripe and sending receipts.
3. To communicate with you. Onboarding instructions, billing confirmations, security and status notifications, and replies to your support emails. These are service emails — you cannot opt out while you are an active customer.
4. To improve the service. Reviewing logs and customer feedback to fix bugs, improve drafting quality, and tune our quality-control checks.
5. To meet legal obligations. Keeping billing records as required by US tax law, responding to lawful legal process, and preventing fraud or abuse.

We do not use your information for advertising. We do not sell or rent your personal information to anyone, ever.

Who we share information with

We share data with the following sub-processors. Each is contractually prohibited from using your data for their own purposes:

• Stripe, Inc. (Delaware, USA) — payment processing. Receives your name, email, and billing details.
• HostGator (USA) — web hosting and database storage. Holds all operational data described above.
• Mailgun Technologies, Inc. (Texas, USA) — transactional email delivery. Receives your email address and the contents of service emails we send to you.
• OpenAI, OpCo, LLC (California, USA) — AI drafting and quality-control models. Receives review text and operational metadata. Configured under OpenAI's no-training API tier — your data is not used to train their public models.
• Anthropic, PBC (Delaware, USA) — AI drafting and quality-control models. Receives review text and operational metadata. Configured under Anthropic's no-training API tier — your data is not used to train their public models.
• Google LLC (California, USA) — Google Workspace email for our support team and Google Analytics 4 for the marketing website. Receives email contents you send to hello@reviewanswered.com or privacy@reviewanswered.com, and analytics data from website visitors.
• Microsoft Corporation (Washington, USA) — Microsoft Clarity, anonymised website analytics. Receives session data from website visitors.

We may also disclose information if required by law (subpoena, court order, valid legal process), or if we are involved in a merger, acquisition, or sale of assets, in which case we will give every active customer at least 30 days' notice and the option to delete their data before any transfer.

AI training and aggregated data

We continuously improve the quality of our drafting models using public review text (already published on Google and other review platforms) and the drafts our agents produce. We do not use private customer data — your name, email, billing, internal communications, or any non-public account information — for any model training.

We do not sell, license, or share aggregated or anonymised data with any third party outside the sub-processors listed above. If you would like your account excluded from any model improvement work, email privacy@reviewanswered.com and we will exclude you within 30 days.

Cookies on this website

The marketing website uses cookies set by Google Analytics 4 and Microsoft Clarity. The customer dashboard (after sign-up) uses a single first-party session cookie to keep you logged in.

You can disable analytics cookies through your browser's settings or by using a privacy extension. We honour the Global Privacy Control (GPC) signal as an opt-out for California residents.

Data retention and deletion

We keep your data only as long as we have a reason to:

• Active accounts — we retain your account data, reviews, drafts, and published replies for as long as your subscription is active.
• After cancellation — within 30 days, we soft-delete your account so you can reactivate during that window. After 30 days, account data is permanently deleted, except billing records, which we keep for seven years as required by US tax law.
• Review and draft history — retained for 90 days after cancellation, then permanently deleted.
• Database backups — rotate every 30 days, after which deleted records are gone for good.

Automatic deletion when you remove our access: if you remove ReviewAnswered as a manager from your Google Business Profile (the easy way to cancel), we detect the access loss within 24 hours, treat it as a cancellation, and start the deletion timeline above. We will email you to confirm.

Data security

We protect your data with industry-standard practices:

• All data in transit is encrypted using TLS 1.2 or higher.
• All data at rest in our database is encrypted using AES-256.
• Google Business Profile access tokens are encrypted with a separate key that is not stored alongside the database.
• Only the named ReviewAnswered team members — currently a small team, all bound by written confidentiality agreements — can access the underlying data, and only for the operational purposes listed above.

We do not currently hold SOC 2 or ISO 27001 certification. We follow the security practices those frameworks describe, but we have not undergone an external audit.

No system is perfect. If we ever discover a security incident affecting your personal data, we will notify you and any required US authorities without undue delay.

Your rights

As a matter of company policy, we extend the following rights to every ReviewAnswered customer, regardless of where in the United States you live. Where California law provides additional protections, those are noted explicitly.

• Access — request a copy of the personal information we hold about you.
• Correction — ask us to fix information that is inaccurate or incomplete.
• Deletion — ask us to delete your account and the data associated with it (subject to the legal retention exceptions described above).
• Portability — receive your historical review and reply data in a portable CSV format.
• Opt out of sale or sharing — we do not sell or share personal information for cross-context behavioural advertising, so this right is met by default.
• Limit use of sensitive personal information — we do not use sensitive personal information for secondary purposes, so this right is met by default.
• Non-discrimination — exercising any of these rights will not affect the price or quality of the service you receive.

California residents (CCPA / CPRA)

If you are a resident of California, the rights above are guaranteed to you under the California Consumer Privacy Act, as amended by the California Privacy Rights Act. To exercise any of them, email privacy@reviewanswered.com with the subject line CCPA Request. We will respond within 30 days.

We may need to verify your identity by matching the details you provide against our records before we can act on a request. We do not sell personal information, so we are not required to and do not maintain a "Do Not Sell My Personal Information" link.

Children's privacy

ReviewAnswered is a business-to-business service for restaurant owners. It is not directed to children under 13, and we do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, email privacy@reviewanswered.com and we will delete it.

Changes to this policy

If we update this policy in a way that materially affects how we handle your data, we will email every active customer at least 14 days before the change takes effect. The "Last updated" date at the top of the page always reflects the most recent revision. Older versions are available on request from privacy@reviewanswered.com.

Minor changes — typos, clarifications, or sub-processor list updates that do not change what data is shared or why — may be made without advance notice. We log every revision internally.

Contact us

For any question or request relating to this Privacy Policy, your data, or the service:

• Privacy questions and requests: privacy@reviewanswered.com
• General support: hello@reviewanswered.com
• Mailing address: General Web Solutions LLC, 16192 Coastal Highway, Lewes, DE 19958, USA