Privacy Policy

Account Information: When you create an account, we collect your email address and any profile information you choose to provide.

Usage Data: We collect information about how you use our service, including chatbots created, documents uploaded, and feature usage patterns.

Payment Information: Payment processing is handled by Polar (polar.sh). We do not store your payment card details. Polar retains transaction data as required by their terms and applicable law.

Chatbot Content: Documents and web content you upload to train your chatbots, as well as end-user queries submitted to your chatbots, are processed by our AI sub-processors (see Section 8).

Technical Data: We automatically collect certain technical information, including IP address, browser type, operating system, and device information.

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and manage subscriptions
• Generate chatbot responses using AI language models
• Send you technical notices and support messages
• Respond to your comments and questions
• Analyze usage patterns to improve user experience
• Enforce our terms and conditions
• Comply with legal obligations

We do not sell or trade your personal information. We share data only with the following categories of recipients:

• Sub-processors: Third-party services we use to operate the platform (see Section 8 for the full list)
• Legal Requirements: We may disclose information when required by law or court order, or to protect our legitimate rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred to the successor entity

We retain your personal information for the following periods:

• Account data: Duration of service + 3 years for legal compliance
• Chatbot & document content: Until account deletion or manual deletion by you
• Usage analytics: 26 months
• Payment records: 7 years for tax and legal requirements
• Support communications: 3 years from last interaction

Upon account deletion, personal data and chatbot content are removed within 30 days. Backup copies are removed within 90 days. Some data may be anonymized and retained for statistical purposes.

Under GDPR you have the right to:

• Access the personal information we hold about you
• Correct any inaccurate personal information
• Request deletion of your personal information
• Object to or restrict processing of your information
• Data portability (receive a copy of your data in a structured format)
• Withdraw consent at any time (where processing is based on consent)
• Lodge a complaint with the supervisory authority (ÚOOÚ in Czechia)

To exercise any of these rights, contact us at support@chatbotty.ai.

We share data with the following categories of third-party providers to operate the service:

• AI language model provider — Your uploaded documents and chatbot queries are sent to OpenAI (USA) to generate responses. This is the most significant data transfer in terms of content. Data is processed under OpenAI's Privacy Policy.
• Database and authentication provider — Stores your account data, chatbot content, and documents.
• Hosting and infrastructure providers — Serve the application and handle caching. IP addresses and session identifiers may be processed for rate-limiting and performance purposes.
• Payment processor — Handles subscription billing and one-time purchases as Merchant of Record.
• Authentication provider — Enables sign-in via Google OAuth.

All providers are contractually bound to process data only as instructed and to maintain appropriate security measures.