Privacy Policy
Thank you for choosing automatic.chat. At automatic.chat, the privacy and security of our users are of paramount importance. This Privacy Policy document outlines the types of information we collect and how we use this information.
1. Information We Collect
1.1 User-Provided Information: When you use automatic.chat, you may provide information such as email, name, and billing details for subscription and support purposes.
1.2 Training Data: When training the chatbot, you will upload your custom data through the form of PDF's, txt files, URLs, Google Docs, Spreadsheets, etc. This information will be stored in our database as well as in the vector database we use for retrieval and is collected for the bot to provide custom tailored answers, based on that data.
1.3 Chat History: We store anonymized chat logs to improve the chatbot's performance and provide better support. This data is collected to allow the bot owner to analyze user behavior and improve the chatbot's responses. Chat data may be exported at any time by the bot owner.
1.4 Cookies: We may use cookies and similar tracking technologies to track activity on our website and hold certain information. Cookies are files with small amounts of data that may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies: We use Session Cookies to operate our Service.
- Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
- Security Cookies: We use Security Cookies for security purposes.
- Analytics Cookies: We use Analytics Cookies to track information on how the Service is used so that we can make improvements
1.5 Usage Data: We may collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your devices's IP address, browser type, the pages of automatic.chat that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
1.6 Support Ticket & Live Chat Data: When you contact our support team, we may collect information such as your name, email address, and the content of your support ticket or live chat. This information is collected to provide you with support and improve our services.
2. How We Use Your Information
2.1 Service Provision: We use the information we collect primarily to provide, maintain, and improve our services for you as a customer.
2.2 Communication: To notify you about changes to our services, provide support, or send administrative messages.
2.3 Enhancement: To understand user behavior and improve our services.
3. Who Has Access to This Information & Data Controller
The following parties have access to the following personal Information:
- Support Ticket & Live Chat Data: Founders and Employees of
automatic.chat. - Usage Data & Cookies: Founders of
automatic.chat - Bot Chat History & Training Data: Bot owner (presumably yourself) & the founders of
automatic.chat
The controller of your personal data is automatic.chat.
4. Data Storage, Protection & Data Processors
4.1 - We partner with third-party data processors to store and protect your data. These processors are GDPR compliant and have robust security measures in place to protect your data. Namely we use Pinecone DB (https://www.pinecone.io/security/) for our vector database, and Supabase (https://supabase.com/security) for our main Postgres database. We have Data Processing Agreements in place with both of these processors.
4.2 - All collected data (chat logs, training data) is stored on AWS (Amazon Web Services) servers in Virginia, United States & GCP (Google Cloud Platform) servers in The Dalles, Oregon, United States, with the latest encryption technology (both in transit and at rest). Both Data Processors that house the data are SOC2 Type II Compliant.
5. Length of Data Storage
5.1 - We store User Provided Information while you are a customer of automatic.chat as well as after you have stopped using our services, unless you have explicitly deleted bots, sources, or chat history, or made an explicit request to delete all of your data. This is established to retain the previous state of your bot data, if you return to using the service.
5.2 - Training Data is stored indefinitely to provide the chatbot the ability to provide custom tailored support, unless is explicitly deleted by the bot owner. The bot owner may, at any time, go to the 'Data' Page and deletes the data themselves. There is a button to delete all training data.
5.3 - Chat History is stored to provide the bot owner with the ability to analyze anonymized user behavior and improve the chatbot's responses. If a user deletes their account with automatic.chat, all chat history will be deleted as well. To delete your account, you must email [email protected]
5.4 - Support Ticket & Live Chat Data is stored indefinitely for quality assurance and training purposes, unless explicitly requested to be deleted by the bot owner.
5.4 - Backups of the data are stored on a 7 day rolling window, after which they are deleted.
6. International Data Transfers (GDPR)
6.1 - Transferring Your Data Internationally: In order to provide our services, we may need to transfer your personal data outside of the United Kingdom (UK) and the European Economic Area (EEA). This can occur if our servers or our service providers are located outside the UK/EEA. We ensure that these transfers are performed in a secure and lawful manner.
6.2 - Legal Safeguards for Data Transfers: To protect your personal data when it is transferred outside the UK/EEA, we implement robust legal safeguards. One key mechanism we use is the Standard Contractual Clauses (SCCs) approved by the European Commission, as well as IDTA's approved by the UK government. The IDTA/SCCs provide specific data protection and privacy guarantees, which our data processors outside the UK/EEA are contractually obligated to follow.
6.3 - About Standard Contractual Clauses: The Standard Contractual Clauses are a set of legal terms that ensure all data transfers meet the UK's GDPR compliance requirements. For more information on these clauses, please click here.
6.4 - Your Rights Regarding Data Transfers: You have specific rights concerning the transfer of your data internationally, including: the right to be informed about the transfer, the right to access your data, and the right to withdraw consent. More information is outlined in the "User Rights" section of this Privacy Policy.
6.5 - Whenever you subscribe to our services, you will be sent an agreement containing the Standard Contractual Clauses (SCCs) and IDTA's, which you must agree to before using our services.
7. Sharing Your Information
We do not sell or share your data with third parties for marketing purposes. We may share anonymized data with trusted partners for research and analysis purposes, however there is currently no third-party sharing of personal data for the aforementioned purposes.
We use some third-party services to help us operate our business, such as hosting services, customer support services, and analytics services. These third-party services may have access to your data for the purpose of performing these tasks on our behalf.
8. User Rights
As a resident of the European Union (EU) or European Economic Area (EEA), you are entitled to specific data protection rights under the General Data Protection Regulation (GDPR). We are committed to taking appropriate measures to enable you to correct, update, delete, or restrict the processing of your Personal Data. Below are your rights concerning data protection:
- to access your Personal Data by requesting a copy of all the information we process about you;
- to request the correction of inaccurate Personal Data by specifying the data that needs updating;
- to request the deletion of your Personal Data; please note, we may decline the request in certain cases permitted by law;
- to request the limitation of processing for specific Personal Data by identifying the data that should be restricted;
- to object to the processing of your Personal Data on grounds related to your unique situation;
- to withdraw your consent for processing Personal Data at any time. Note that withdrawal applies only to processing based on consent. We may continue processing your data if another lawful basis permits it for specific purposes;
- to file a complaint with a supervisory authority in your habitual residence, workplace, or the location of the alleged breach if you believe that your Personal Data is being processed in violation of GDPR.
If you want to exercise any of the above rights, kindly contact us via email at [email protected]. We may ask for identity verification before processing your request. Be aware that some essential data is required to provide the Service, and we may not be able to deliver it without that information.
9. Breach Notification
In the event of a data breach, we will notify affected users at the latest within 72 hours of becoming aware of the breach but typically within 24 hours of becoming aware of the breach.
We will provide information through email on what data was compromised and what steps we are taking to mitigate the breach.
10. Third-Party Services
Although no third-party integrations exist currently, future third-party services may be incorporated to enhance functionality. Such integrations would have their own privacy policies.
11. Cookies & Tracking
Cookies help improve user experience by remembering user preferences. If you prefer, you can set your browser to refuse all cookies.
12. Children's Privacy
Our service is not intended for anyone under the age of 13. We do not knowingly collect personal information from children under 13.
13. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify users of significant changes and encourage everyone to review this policy periodically.
14. Contact Us
For questions about this Privacy Policy or to request information about your stored data, please contact our support team at [email protected].
15. Audits
We conduct regular yearly audits to ensure compliance with this Privacy Policy.
If you have any concerns about how your data is being handled, please contact us at
Name: Haseab
Location: Toronto, Canada
Email: [email protected]