Privacy Policy
Last updated: July 3, 2026
1. Introduction
Secreply (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Secreply is a trade name of frits.cloud, registered with the Dutch Chamber of Commerce (KvK) under number 90653327.
2. Information We Collect
2.1 Information You Provide
- Account information (name, email, password)
- Organization details (company name, VAT number, billing contact)
- Security questionnaire data and documents you upload to the platform
- Payment information (processed securely through Stripe — we do not store credit card details)
2.2 Automatically Collected Information
- Usage data and analytics
- Device and browser information
- IP address and approximate location data
- Cookies and similar technologies (see our Cookie Policy)
3. How We Use Your Information
- Provide and maintain our service
- Process your transactions
- Send administrative information and updates
- Improve our platform and user experience
- Provide AI-powered questionnaire assistance
- Comply with legal obligations
4. Data Storage and Security
We use industry-standard security measures to protect your data:
- Storage: Your data is stored securely on AWS infrastructure in the EU (Frankfurt, Germany)
- Encryption: Data is encrypted in transit (TLS/SSL) and at rest
- Backups: We maintain automated backups for disaster recovery purposes
- Access Controls: Strict role-based access controls and authentication
- Security Audits: Regular security assessments and monitoring
5. Third-Party Service Providers
We use the following trusted service providers to operate our platform:
- AWS (Amazon Web Services): Cloud infrastructure and hosting (EU region — Frankfurt, Germany)
- OpenAI: AI-powered features (questionnaire answer generation and document analysis)
- Stripe: Payment processing (we do not store credit card information)
These providers are carefully selected and comply with GDPR and industry security standards.
5.1 AI Data Privacy (OpenAI)
We take special care with data sent to AI services:
- Only document content and questionnaire text relevant to generating answers is sent to OpenAI
- Data sent to OpenAI is not used to train their models (we use their API with data protection agreements in place)
- AI responses are used solely to assist with your questionnaire answers
6. Data Sharing
We never sell or share your data with third parties for marketing or commercial purposes.
We only share data:
- With the service providers listed above, solely to operate our platform
- When legally required by law enforcement or regulatory authorities
- With your explicit consent for specific purposes
7. Your Rights (GDPR Compliance)
We are fully GDPR compliant. You have the following rights:
To exercise any of these rights, contact us at legal@secreply.com. We will respond within 30 days.
8. Data Deletion
You can request complete deletion of your account and all associated data at any time:
- All personal information will be permanently deleted
- All documents and questionnaire data will be removed
- Backups containing your data are automatically purged within 30 days
- Some data may be retained for legal compliance (e.g., billing records for tax purposes)
9. Cookies
We use essential cookies for authentication and session management. For more details, see our Cookie Policy.
10. Data Retention
- Active accounts: Data retained while your account is active
- Deleted accounts: Data permanently deleted within 30 days
- Legal requirements: Some financial records retained for tax compliance (typically 7 years as required by Dutch law)
11. Business Use Only
Secreply is a B2B (business-to-business) platform intended for professional and organizational use only. Our service is not intended for individuals under 16 years of age. We do not knowingly collect data from minors.
12. International Data Transfers
Your data is stored in the EU (AWS Frankfurt, Germany). We do not transfer your data outside the European Economic Area except where necessary for service operation (e.g., OpenAI processing), in which case appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our platform. Continued use after changes constitutes acceptance.
14. Contact Us
For privacy-related questions or to exercise your rights, contact us at:
15. Exercise Your Rights
Use the form below to submit a Data Subject Access Request (DSAR). We will respond within 30 days.
© 2026 Secreply (frits.cloud). All rights reserved.