Does WeReply work with my Shopify store?

Yes. WeReply natively integrates with Shopify. You see order status, tracking info, and customer data directly in your inbox, no tab-switching.

How quickly is the AI agent live?

Most customers go live within 15–30 minutes after onboarding. We help you connect channels and configure the AI agent.

Am I locked into a contract?

No. All plans are cancel-anytime. No commitments, no hidden fees.

Which channels does WeReply support?

WeReply supports WhatsApp, Instagram, Facebook Messenger, Email (Gmail & Outlook), and Live Chat, all in one unified inbox connected to Shopify.

Can the AI reply on behalf of my brand?

Absolutely. The AI agent writes in your brand voice and tone. You provide instructions and sample messages, and the AI adapts to your style.

What if a question is too complex for the AI?

WeReply automatically escalates to a human team member when the AI isn't confident. You set the thresholds.

Legal

Privacy Policy

Last updated: 17/02/2026

Introduction

This Privacy Policy describes how WeReply processes personal data in connection with the provision of its communication management platform (the "Platform"), related services, and interactions with customers, users, and website visitors. WeReply is committed to ensuring that personal data is processed lawfully, fairly, and transparently in accordance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

This Privacy Policy explains:

what personal data we process
in what capacity we process it
for what purposes and on what legal grounds
how long we retain personal data
how and where data is stored
how international transfers are safeguarded
what rights individuals have

For privacy-related questions, contact: support@wereply.io

Scope

This Privacy Policy applies to:

Customers and users of the Platform
End-users whose data is processed through the Platform on behalf of customers
Visitors of our website

Roles and Responsibilities

Depending on the context, WeReply acts as either:

Data ControllerWhen processing personal data for its own purposes, such as account administration, billing, compliance, website management, and support.
Data ProcessorWhen processing personal data on behalf of customers through the Platform. In such cases, the customer determines the purposes and means of processing, and WeReply processes data under a Data Processing Agreement (DPA).

Categories of Personal Data

Depending on how the Platform and website are used, WeReply may process the following categories of personal data:

Account DataName, business email address, telephone number, company name, job title, login credentials, and account identifiers.
Contact and Identification DataEmail addresses, telephone numbers, billing addresses, shipping or delivery addresses, customer identifiers, and social media usernames or profile information received through integrations.
Communication DataMessages, conversation history, attachments, internal notes, and related metadata such as timestamps and sender or recipient identifiers.
Transaction and Order DataOrder details, product information, delivery information, transaction status, and other commerce-related data received through integrations with external systems.
Technical DataIP address, device information, browser type, operating system, log data, and usage statistics.
Billing and Financial DataBilling address, invoice information, VAT or tax identifiers, and payment transaction records.

WeReply does not intentionally collect special categories of personal data unless such data is submitted to the Platform by or on behalf of the Customer.

Purposes and Legal Bases

We process personal data for the following purposes:

To provide, operate, and maintain the Platform. Legal basis: performance of a contract.
To manage subscriptions, accounts, and billing. Legal basis: performance of a contract and legal obligation.
To provide customer support and technical assistance. Legal basis: performance of a contract.
To ensure platform security, prevent misuse, detect fraud, and monitor system integrity. Legal basis: legitimate interests.
To improve and optimize the Platform and website. Legal basis: legitimate interests.
To comply with legal and regulatory requirements. Legal basis: legal obligation.

Where required, consent will be obtained before processing.

Hosting and Infrastructure

The Platform infrastructure, including servers and databases, is hosted in the Netherlands. Personal data stored within the Platform is therefore primarily hosted within the European Union. We implement appropriate safeguards to ensure secure hosting and controlled access to systems.

Use of Subprocessors

WeReply engages third-party service providers to support delivery of the Platform. These may include providers for:

Hosting infrastructure
Email delivery services
AI-based functionality
Messaging integrations
Monitoring and logging
Payment processing

An up-to-date list of subprocessors is available upon request. WeReply uses reasonable care in selecting subprocessors and requires them to implement appropriate data protection measures in accordance with applicable data protection laws.

International Data Transfers

Some subprocessors or integrated third-party services may process personal data outside the European Economic Area, including in the United States.

Where personal data is transferred to a country that has not been recognized by the European Commission as providing an adequate level of protection, WeReply ensures appropriate safeguards are implemented, including:

Standard Contractual Clauses approved by the European Commission
Reliance on adequacy decisions where applicable
Additional technical and organizational measures where necessary

We assess international transfer risks and implement measures designed to ensure an essentially equivalent level of protection.

AI and Automated Processing

The Platform may include AI-supported features designed to assist users in managing communications.

AI-generated outputs are provided as supportive functionality. Customers remain responsible for reviewing and validating outputs before use.

Where AI services are provided through third-party providers, personal data may be processed by those providers in accordance with contractual safeguards and applicable data protection laws.

WeReply does not use customer data to independently train proprietary AI models unless explicitly agreed.

WeReply does not engage in automated decision-making that produces legal or similarly significant effects without human involvement.

Data Retention

Personal data is retained only for as long as necessary for the purposes described in this Privacy Policy.

When acting as a data processor, retention periods are determined by the customer and governed by contractual arrangements.

Following termination of an account, personal data will be deleted or anonymized within a reasonable period unless retention is required by law.

Financial records may be retained as required under applicable tax or accounting laws.

Security Measures

WeReply implements appropriate technical and organizational measures to protect personal data, including:

Encryption in transit
Access controls and role-based permissions
Logging and monitoring
Secure hosting practices
Internal access limitation

While we take reasonable precautions, no system can guarantee absolute security.

Cookies and Similar Technologies

WeReply uses cookies and similar technologies on its website. Cookies are small text files placed on a user's device when visiting a website. They enable the website to function properly, enhance user experience, analyze website performance, and support security.

WeReply may use the following categories of cookies:

Strictly Necessary CookiesThese cookies are essential for the operation and security of the website. They enable core functionalities such as page navigation, security features, and access to secure areas. These cookies do not require prior consent.
Functional CookiesThese cookies allow the website to remember user preferences and settings to improve usability and personalization.
Analytical CookiesThese cookies collect information about how visitors use the website, such as pages visited and traffic patterns. This information is used to improve website performance and user experience. Where required by applicable law, analytical cookies are only placed with prior consent.
Third-Party CookiesSome cookies may be placed by third-party service providers that support analytics, performance monitoring, or embedded content. Where applicable, these third parties may process personal data in accordance with their own privacy policies.

The legal basis for the use of strictly necessary cookies is WeReply's legitimate interest in ensuring the proper functioning and security of the website. For non-essential cookies, WeReply relies on user consent where required by law. Users can manage cookie preferences through their browser settings. Most browsers allow users to block or delete cookies. Please note that disabling certain cookies may affect the functionality and performance of the website. Where a cookie consent mechanism is implemented, users may update their preferences at any time through the available settings.

Rights of Data Subjects

Subject to applicable law, individuals have the right to:

Access their personal data
Request rectification
Request erasure
Request restriction of processing
Object to processing
Request data portability

Where WeReply acts as a data processor, requests should be directed to the relevant customer. Requests can be submitted to support@wereply.io. WeReply will respond within statutory timelines. Individuals have the right to lodge a complaint with a supervisory authority.

Data Breaches

In the event of a personal data breach, WeReply will act in accordance with applicable data protection laws and notify customers where required.

Children

The Platform and website are intended for business use. WeReply does not knowingly collect personal data from children.

Changes to This Privacy Policy

WeReply may update this Privacy Policy periodically. The most recent version will be available on the website.