Privacy Policy

1.1 Personal Information You Provide

• Account Information: Email address, display name, profile picture when you create an account
• Communication Data: Messages you send to our AI agents, conversations, and interactions
• Content Data: Files, images, and other content you upload to train your AI agents
• Payment Information: Billing details processed securely through Stripe (we don't store credit card information)

1.2 Information We Collect Automatically

• Usage Data: How you interact with our platform, features used, time spent
• Technical Data: IP address, browser type, device information, operating system
• Location Data: General location information derived from your IP address (country/city level)
• Analytics Data: Platform performance metrics and user behavior analytics

We use your personal information for the following purposes:

• Service Provision: To provide, maintain, and improve our AI agent platform
• Communication: To respond to your inquiries and provide customer support
• Billing: To process payments and manage your subscription
• Security: To protect against fraud, abuse, and security threats
• Analytics: To understand how our platform is used and improve our services
• Legal Compliance: To comply with applicable laws and regulations

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: When you explicitly agree to data processing (e.g., marketing communications)
• Contract: To fulfill our service agreement with you
• Legitimate Interest: For analytics, security, and service improvement (balanced against your privacy rights)
• Legal Obligation: To comply with applicable laws and regulations

We do not sell your personal information. We may share your information with:

• Service Providers: Firebase (Google), Stripe for payment processing, hosting providers
• AI Service Providers: OpenAI, Anthropic, or other AI models you choose to use
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In case of merger, acquisition, or sale of assets

All third parties are required to maintain appropriate security measures and use your data only as instructed.

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption: Data encrypted in transit and at rest
• Access Controls: Limited access to personal data on a need-to-know basis
• Security Monitoring: Continuous monitoring for security threats
• Regular Audits: Periodic security assessments and updates

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us using the information below.

We retain your personal information only as long as necessary for the purposes outlined in this policy:

• Account Data: Until you delete your account or request deletion
• Chat Messages: Until you delete conversations or your account
• Analytics Data: Aggregated data may be retained for up to 2 years
• Legal Requirements: Some data may be retained longer to comply with legal obligations

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze how you use our platform
• Provide personalized experiences
• Ensure platform security

You can control cookie settings through your browser preferences.

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending you an email notification (if required by law)
• Displaying a notice on our platform

Your continued use of our service after changes constitutes acceptance of the updated policy.

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

EU Residents: Find your local supervisory authority at edpb.europa.eu