Privacy, explained simply

This policy explains how Cedric (“we”, “us”, “our”) handles personal information. “You” includes business customers, authorised users on your account, and website visitors.

Contact: privacy@trycedric.com

We collect information in three buckets:

• Account & contact details: name, email, business name, role/permissions, billing contact info.
• Service data: connected locations, reviews/ratings, reply drafts, posting status, audit history, configuration (tone, templates, thresholds, escalation keywords).
• Website & device data: basic analytics/cookies, IP address, browser type, pages visited (to improve performance and reliability).

• Directly from you when you sign up, configure settings, or contact support.
• From Google when you connect your Google Business Profile via OAuth (permission-based access).
• Automatically via cookies and similar technologies when you use our site.

We use information to deliver Cedric and keep it secure. Typical purposes include:

• Provide the service: fetch reviews, generate drafts, publish replies when authorised, and show reporting.
• Safety & governance: enforce approval rules, thresholds, escalation keywords, and keep an audit history.
• Customer support and troubleshooting.
• Billing and account administration.
• Security, fraud prevention, and reliability monitoring.
• Product improvement using aggregated insights (not selling personal info).

If you're in Australia, we handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles where applicable.

Cedric connects to Google using OAuth. That means:

• We do not ask for or store your Google password.
• We request only the permissions needed to provide Cedric's features.
• You can revoke access at any time in your Google Account settings.

If we store tokens to keep the integration running, we store them securely and only use them to provide the features you enabled.

Note: Google is a third-party service. Cedric is not endorsed by or affiliated with Google.

We share data only when needed to run Cedric:

• Service providers (sub-processors): hosting, databases, email delivery, analytics, error monitoring, customer support tooling.
• Payment processing: to process subscription payments (we do not store full card details if using a payment processor).
• Legal/safety: if required by law or to protect rights, users, and the service.

We do not sell personal information.

Our providers may store or process data outside your country (including the US/EU). Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place.

We use safeguards designed to protect information, including access controls, least-privilege permissions, encryption in transit, and monitoring.

No method of transmission or storage is 100% secure, but we work to minimise risk.

We keep information only as long as necessary to provide Cedric and meet legal/accounting obligations. When no longer needed, we delete or de-identify it (subject to technical constraints and backups).

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, and to object to or restrict certain processing.

To make a request, email privacy@trycedric.com.

We use cookies and similar tools for essential site functionality and to understand site performance. You can control cookies in your browser settings; some functionality may be affected if you disable them.

If you have concerns, contact us first and we'll work to resolve them quickly: privacy@trycedric.com.

If you're in Australia and not satisfied, you may also contact the Office of the Australian Information Commissioner (OAIC).

We may update this policy to reflect changes to the service, law, or our providers. We'll update the “Last updated” date above. If changes are material, we'll take reasonable steps to notify you.