Back to Home
GDPR & CCPA Compliant

Privacy Policy

How we collect, use, and protect your personal information

Last updated: January 7, 2025

Quick Navigation

1. Overview2. Information We Collect3. How We Use Information4. Information Sharing5. Data Retention6. Your Rights7. Cookies & Tracking8. Third-Party Services9. International Transfers10. Security11. Contact Us

1. Overview

This Privacy Policy describes how ChatBot SaaS ("we," "our," or "us") collects, uses, and protects your personal information when you use our AI-powered chatbot platform and related services (the "Service").

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) for EU users and the California Consumer Privacy Act (CCPA) for California residents.

Key Points:

  • • We only collect information necessary to provide our services
  • • We never sell your personal data to third parties
  • • You have full control over your data and can delete it anytime
  • • We use industry-standard security measures to protect your data

2. Information We Collect

Account Information

  • • Name and email address (required for account creation)
  • • Profile picture (optional)
  • • Password (encrypted and stored securely)
  • • Subscription and billing information

Chatbot Data

  • • Chatbot configurations and settings
  • • Website content analyzed for knowledge base creation
  • • Chat conversations and messages
  • • Analytics and usage statistics

Usage Information

  • • IP addresses and device information
  • • Browser type and version
  • • Pages visited and time spent on our platform
  • • Feature usage and interaction patterns

End-User Data (Chatbot Visitors)

  • • Messages sent to your chatbots
  • • Basic analytics (page views, session duration)
  • • Lead information (if provided voluntarily)
  • • No personally identifiable information unless voluntarily provided

3. How We Use Information

Service Provision

We use your information to provide, maintain, and improve our chatbot platform, including creating and training AI models for your specific use cases.

Communication

We may send you service-related notifications, security alerts, and updates about your account or our services.

Analytics & Improvement

We analyze usage patterns to improve our platform, develop new features, and provide better user experiences.

Legal Compliance

We may process your information to comply with legal obligations, resolve disputes, and enforce our agreements.

4. Information Sharing

We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Service Providers

We may share information with trusted third-party service providers who help us operate our platform:

  • • Cloud hosting providers (secure data storage)
  • • Payment processors (billing and subscriptions)
  • • Email service providers (transactional emails)
  • • Analytics providers (usage insights)

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

5. Data Retention

Account Data

We retain your account information for as long as your account is active or as needed to provide services. You can delete your account at any time.

Chatbot Data

Chatbot configurations and conversations are retained until you delete them or close your account. You have full control over this data.

Analytics Data

Aggregated, anonymized analytics data may be retained for up to 2 years for service improvement purposes.

Legal Requirements

Some information may be retained longer if required by law, such as billing records for tax purposes.

6. Your Rights (GDPR & CCPA)

🇪🇺 EU Residents (GDPR)

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate data
  • Erasure: Delete your data ("right to be forgotten")
  • Portability: Export your data
  • Objection: Object to data processing
  • Restriction: Limit how we use your data

🇺🇸 California Residents (CCPA)

  • Know: What personal info we collect
  • Delete: Request deletion of your data
  • Opt-out: Stop sale of personal info (we don't sell)
  • Non-discrimination: Equal service regardless of requests
  • Access: Get a copy of your data

📧 How to Exercise Your Rights

Self-Service: Most actions can be done in your account settings

Email: Contact us at privacy@chatbotsaas.com

Response Time: We respond within 30 days

7. Cookies & Tracking Technologies

We use cookies and similar technologies to improve your experience, analyze usage, and provide personalized content.

Essential Cookies

Required for the platform to function. These cannot be disabled.

  • • Authentication and session management
  • • Security and fraud prevention
  • • Load balancing and performance

Analytics Cookies

Help us understand how you use our platform (with your consent).

  • • Usage statistics and feature adoption
  • • Performance monitoring
  • • Error tracking and debugging

Marketing Cookies

Used to show relevant ads and measure campaign effectiveness (optional).

Cookie Consent

We ask for your consent before setting non-essential cookies. You can manage your preferences in our cookie banner or account settings.

8. Third-Party Services

We integrate with trusted third-party services to provide our platform functionality:

🤖 OpenAI

AI model processing

OpenAI Privacy Policy

💳 Stripe

Payment processing

Stripe Privacy Policy

☁️ Vercel

Hosting and infrastructure

Vercel Privacy Policy

📧 Email Services

Transactional emails

Resend, SendGrid, or SMTP providers

Data Processing Agreements

All third-party processors have signed Data Processing Agreements (DPAs) and comply with GDPR and other applicable data protection laws.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

Adequacy Decisions

We prioritize countries with EU adequacy decisions when possible

Standard Contractual Clauses

EU-approved SCCs for transfers to non-adequate countries

Data Protection Certifications

Our processors maintain relevant security certifications

10. Data Security

We implement industry-standard security measures to protect your personal information:

Technical Safeguards

  • • Encryption in transit and at rest
  • • Regular security audits
  • • Access controls and authentication
  • • Secure backup procedures

Organizational Measures

  • • Employee training and access limits
  • • Incident response procedures
  • • Regular security updates
  • • Third-party security assessments

Security Incident Notification

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours as required by law.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights, please contact us:

General Privacy Inquiries

Email: privacy@chatbotsaas.com

Response Time: Within 48 hours

Data Protection Officer: dpo@chatbotsaas.com

Regulatory Authorities

EU Residents: Contact your local Data Protection Authority

California Residents: File a complaint with the California Attorney General

Policy Updates

We may update this Privacy Policy from time to time. We'll notify you of significant changes via email or through our platform. Continued use of our services after changes constitutes acceptance of the updated policy.