© 2026 Frédéric Legrand. All rights reserved.

Get in touch

ReplyKit · Chrome Extension & Web App

Privacy Policy_

This page explains exactly what data ReplyKit collects, where it goes, and how it is stored. Plain English, no dark patterns.

Last updated: May 16, 2026

The short version

  • → We don't sell, rent, or share your data with advertisers.
  • → We don't ask for your X, LinkedIn, or Reddit login. ReplyKit reads posts already on screen, nothing else.
  • → Bring your own API key? Your posts go straight from your browser to your AI provider. We never see them.
  • → On the Pro plan, prompts pass through our proxy so we can run the model and count usage.
  • → Anonymous, aggregated usage events go to Google Analytics so we know what to improve.
  • → Uninstall the extension and all local data goes with it.

1. Who we are

ReplyKit (the “extension” and the /replykit/app web app) is built and maintained by Frédéric Legrand. This privacy policy covers the extension, the web app, and the supporting services on fredericlegrand.me.

Questions, requests, or complaints? Email flegrand31@gmail.com.

2. What ReplyKit does

On the desktop extension, ReplyKit adds a small panel under the reply box on X (Twitter), LinkedIn, and Reddit. When you click generate, it reads the post (and parent thread) you're replying to, sends that text to an AI provider of your choice, and shows the suggested reply back to you. You decide whether to post it. Nothing is posted, liked, followed, or messaged automatically.

The mobile web app does the same thing with a paste flow: you paste the post you want to reply to, pick a tone, get a draft, copy it back into the source app yourself.

3. What data we process

a) Post content you ask us to work on. The visible post text and thread context are sent to your selected AI provider so it can write a reply. On the Pro plan, that request transits our proxy at fredericlegrand.me only so we can forward it and count it against your quota.

b) Your API key (free / bring-your-own-key mode). If you bring your own OpenAI, Anthropic, or Google Gemini key, it is encrypted (AES) and stored locally in Chrome's synced storage. It never reaches our servers.

c) Your settings. Tone preferences, points of interest, default style — stored in Chrome storage, never leaves your profile.

d) Pro account data. If you subscribe to Pro, we collect your email address (for license activation and the Stripe billing portal), an activation token, and monthly usage counters. Payments are handled by Stripe — we never see your card details.

e) Anonymous product analytics. Anonymous events (“reply generated”, “tone selected”, current platform) go to Google Analytics 4 via the Measurement Protocol. We don't link this to your identity or the content of your posts.

f) Prompt logs. For prompt iteration, we store the system prompt, user prompt, and reply for a sample of generations. No user identifier is stored alongside — just the plan (trial/pro/byok) and the platform.

4. What data we do NOT collect

  • Your X / LinkedIn / Reddit password or session cookies. ReplyKit does not log you in or act on your behalf.
  • Your direct messages, follower / friend list, or private timeline data.
  • Your browsing history outside the supported platform sites.
  • Your name, location, IP address (beyond what your AI provider and Stripe see for their infrastructure), or device fingerprint.
  • Card or payment details — those go straight to Stripe.

5. Where your data goes

When you generate a reply, the relevant post text travels to one or more of these destinations, depending on your configuration:

  • OpenAI (api.openai.com) — GPT models with your own key.
  • Anthropic (api.anthropic.com) — Claude models with your own key.
  • Google (generativelanguage.googleapis.com) — Gemini models with your own key.
  • Our proxy (fredericlegrand.me) — if you are on Pro, to forward to the model and count against quota.
  • Google Analytics (www.google-analytics.com) — anonymous, aggregated events.
  • Stripe — for Pro subscriptions, via the customer portal link returned by our backend.

Each provider has their own privacy policy. By using ReplyKit with that provider, you also accept their terms.

6. Permissions the extension requests

  • storage — to save your settings, encrypted API key, and local counters.
  • activeTab — so the panel can read the post you're currently looking at when you click generate.
  • Host access to x.com, twitter.com, *.linkedin.com, reddit.com, the AI provider domains listed above, fredericlegrand.me, and www.google-analytics.com.

The extension does not request access to other websites, your downloads, your bookmarks, or your file system.

7. Your rights

  • Remove your API key and reset settings from the extension popup at any time.
  • Uninstall the extension. This wipes everything stored locally.
  • Cancel a Pro subscription from the Stripe customer portal, reachable from the extension.
  • Request deletion of your Pro account data (email, activation token, usage history) by emailing flegrand31@gmail.com. If you are in the EU/UK, you have the rights granted by GDPR / UK GDPR.

8. Changes to this policy

If this policy changes in a material way, the “Last updated” date at the top will move and a notice will be posted on this page. Continued use after a change means you accept the new version.

9. Contact

For privacy questions, deletion requests, or anything else, email flegrand31@gmail.com.

← Back to ReplyKitChrome Web Store →