Privacy Policy

Effective date: May 15, 2026

This Privacy Policy explains how [YOUR_LEGAL_COMPANY_NAME](“[YOUR_BRAND_NAME]”, “we”, “us”) collects, uses, stores, and discloses information when you use our website, software, and services (the “Service”). We take privacy seriously and aim to be transparent about every data flow.

1. Who We Are

[YOUR_LEGAL_COMPANY_NAME] is the data controller for personal information collected through the Service. You can reach us at [YOUR_SUPPORT_EMAIL] or at our registered address listed at the bottom of this page.

2. Information We Collect

2.1 Account information

When you create an account we collect your name, email address, password (hashed), company name (optional), and — for Google sign-in — your Google ID, name, profile picture, and verified email.

2.2 Billing information

Payments are processed by Razorpay. We receive the payment amount, transaction ID, payment status, and a masked card descriptor. We never store full card numbers, CVVs, or UPI PINs on our servers.For invoicing we store the business name, address, and GSTIN you provide.

2.3 Customer (visitor) data

If you deploy our chatbot on your website, we process the data your visitors share with the bot: name, email, phone number, conversation messages, and visitor metadata (IP address, approximate city/country, device, browser, page URL). This data is yours; we act as a data processor and only use it to operate the Service for you.

2.4 Usage information

We log basic usage events (logins, plan changes, bot edits, API calls) and technical data (IP address, browser, OS) for security, debugging, and product analytics.

2.5 Communications

If you contact us, we keep a record of your message and our reply so we can help you and improve the Service over time.

3. How We Use Information

• To provide, maintain, and improve the Service.
• To process payments and send invoices.
• To send transactional emails (verification, billing receipts, lead alerts).
• To detect, prevent, and respond to fraud, abuse, or security incidents.
• To comply with legal obligations.
• To send product updates if you opt in. You can opt out at any time.

4. Legal Basis for Processing

We rely on (a) your consent — given when you sign up; (b) contractual necessity — to deliver the Service you pay for; (c) legitimate interests — to keep the Service secure and improve it; and (d) legal obligation — for tax, accounting, and regulatory compliance.

5. Sharing & Disclosure

We do not sell your personal information. We share data only with:

• Sub-processors that help operate the Service, under contract: hosting (Vercel / cloud provider), database (MySQL), payments (Razorpay), email delivery (Resend), AI inference (Google Gemini and/or OpenAI), and messaging (Meta WhatsApp Cloud API).
• Law enforcement if required by a valid legal request.
• Acquirers in the event of a merger, acquisition, or asset sale, in which case we will notify you in advance.

6. International Transfers

Some of our sub-processors operate outside India. When data is transferred internationally, we ensure appropriate safeguards are in place (such as standard contractual clauses).

7. Data Retention

We retain your account data for as long as your account is active. After you delete your account, we retain anonymised usage data and any data we are required to keep for legal or accounting purposes (e.g. invoices for 7 years per Indian tax law). All other personal data is deleted within 90 days of account deletion.

8. Security

We use industry-standard measures to protect personal data: TLS for data in transit, hashing of passwords (bcrypt), encrypted secrets, role-based access for our team, and audit logging. No system is perfectly secure; if a breach affects your data, we will notify you and the relevant authorities as required by law.

9. Your Rights

Depending on your jurisdiction you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (subject to legal retention requirements).
• Restrict or object to certain processing.
• Export your data in a portable format.
• Withdraw consent at any time.

To exercise any of these rights, email [YOUR_SUPPORT_EMAIL]. We respond within 30 days.

10. Cookies & Similar Technologies

We use a small number of strictly necessary cookies for authentication (session token) and to remember your preferences (theme, sidebar state). We do not use third-party advertising cookies. The embedded chat widget may set a localStorage entry on your visitor’s browser to maintain conversation continuity.

11. Children

The Service is not directed to children under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the new version here and update the “Effective date” at the top. If the change is material we will notify you by email.

13. Contact

For privacy questions or requests, contact us at: