ReplyMantra

ReplyMantra AI

GDPR Information

ReplyMantra’s approach to GDPR and similar data protection laws, including controller/processor roles, rights handling, transfers, and customer support commitments.

Effective date: June 10, 2026Contact: admin@replymantra.com

This page summarizes how ReplyMantra supports GDPR-aligned processing for our own operations and for customers using the platform to process personal data in chatbot, training, and lead-capture workflows.

Roles under GDPR

  • ReplyMantra acts as a controller for account creation, billing, support, security, service analytics, and our own website operations.
  • ReplyMantra acts as a processor when customers use the service to upload training material, index content, store conversations, capture leads, or configure chatbot behavior involving personal data.

Transparency and information

We structure our privacy information around the requirements of GDPR transparency obligations, including the identity of the controller, contact details, purposes, legal bases, recipients, transfer safeguards, retention, and data subject rights.

Data subject rights support

  • Access, rectification, deletion, restriction, portability, objection, and consent withdrawal where applicable.
  • Support for customers responding to requests related to chatbot conversations, uploaded content, or lead records processed through the service.
  • Reasonable assistance for controller inquiries, verification steps, and request handling timelines where we act as processor.

Security and incident response

We use access controls, logical separation, audit logs, service monitoring, transport protections, and vendor oversight to help safeguard personal data. We maintain internal processes for identifying, escalating, and responding to security incidents and personal data breaches.

Subprocessors and vendors

ReplyMantra relies on specialized vendors for hosting, storage, authentication, AI processing, retrieval infrastructure, analytics, and support functions. We require appropriate contractual and security commitments from these vendors and manage them under a subprocessor governance process.

International transfers

Where personal data is transferred outside the EEA, UK, or other protected jurisdictions, we use legally recognized transfer safeguards, such as contractual protections and related supplementary measures where required.

Data Processing Addendum

Customers that need processor terms can rely on our public Data Processing Addendum, which supplements our Terms of Service and sets out the required Article 28 commitments for customer data processed through the platform.

How to contact us

For GDPR-related questions, requests, or DPA inquiries, contact admin@replymantra.com.

Important note

These public legal pages are designed for ReplyMantra’s product model and website flows. Before production launch, you should still confirm your exact legal entity name, company address, tax and billing details, and any subprocessor disclosures that you want to publish publicly.