Privacy Policy

Last updated: April 21, 2026

This Privacy Policy describes how prompt2bot ("we", "us", "our") collects, uses, stores, and protects your information when you use the prompt2bot platform and services ("Service"). By using the Service, you consent to the practices described in this policy.

1. Information We Collect

We collect the following categories of information:

  • Account Information: Email address and authentication credentials when you create an account.
  • Bot Configuration Data: Prompts, settings, integrations, and other content you provide when creating and configuring bots.
  • Conversation Data: Messages exchanged between your bots and their end users, including text, attachments, and metadata (timestamps, channel identifiers).
  • Usage Data: Information about how you interact with the Service, including pages visited, features used, bot activity metrics, and error logs.
  • Payment Information: Billing details are processed by our third-party payment provider (Polar / Stripe). We do not store full credit card numbers on our servers.
  • Third-Party Account Data: When you connect external services (Google, Telegram, WhatsApp, Facebook, etc.), we receive and store authentication tokens and necessary identifiers to operate integrations on your behalf.

2. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To process and deliver conversations between your bots and their end users.
  • To debug issues, monitor performance, and improve service reliability.
  • To process payments and manage your subscription.
  • To send you service-related communications, including updates, security alerts, and support messages.
  • To detect, prevent, and address fraud, abuse, or violations of our Terms of Service.
  • To comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information, and we do not transfer it to third parties for advertising, data brokering, credit assessment, lending, or AI model training. We may share your information in the following circumstances:

  • AI Model Providers: Conversation content is sent to third-party AI model providers (such as Google and OpenAI) solely to generate bot responses in real time. We use these providers under terms that prohibit the use of your data, including Google user data, for training their models. These providers process data according to their own privacy policies and data processing agreements.
  • Channel Platforms: When your bots operate on third-party platforms (Telegram, WhatsApp, Facebook Messenger, etc.), message data is transmitted through those platforms according to their respective privacy policies.
  • Payment Processors: Billing information is shared with our payment processor to process transactions.
  • Legal Requirements: We may disclose information when required by law, in response to valid legal process, or to protect the rights, property, or safety of prompt2bot, our users, or the public.
  • Law Enforcement: We will report illegal content (including child sexual abuse material) to the appropriate authorities, including the National Center for Missing & Exploited Children (NCMEC), and preserve associated data as required.

4. Data Access

Conversation data processed through your bots is accessible to you (the bot owner) through the dashboard and API. Our team may also access conversation data for debugging, support, and service improvement purposes. End users of your bots should be informed by you that their conversations are processed by an AI service and accessible to the bot owner.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Conversation data is retained as long as necessary for bot operation and service improvement. Upon account deletion, we will delete or anonymize your personal data within a reasonable timeframe, except where retention is required by law or necessary for legitimate business purposes (such as resolving disputes or enforcing our Terms).

6. Data Security

We implement industry-standard technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These include encryption of data in transit (TLS), access controls, and secure credential storage. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Cookies and Analytics

We use analytics services (such as PostHog) to understand how the Service is used and to improve it. These services may collect usage data including pages visited, features used, and interaction patterns. We do not send data obtained from Google APIs (or other OAuth-connected accounts) to analytics providers, and we do not use advertising cookies or tracking pixels for ad targeting.

8. Limitations on Use of Google User Data

Our use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we do not use or transfer Google user data for: serving advertisements (including targeted, personalized, retargeted, or interest-based advertising); selling to data brokers or information resellers; determining credit-worthiness or for lending purposes; creating databases; or training AI or machine learning models. Google user data is used only to provide or improve user-facing features of the Service, and is never shared with humans except with your explicit consent, as required for security (e.g. investigating abuse), to comply with applicable law, or as part of operations and support where such data has been aggregated and anonymized.

9. Third-Party Services

The Service integrates with third-party platforms and providers. When you connect external services or your bots operate on third-party channels, your data is subject to the privacy policies of those providers in addition to this policy. We encourage you to review the privacy policies of any third-party services you use in connection with prompt2bot.

10. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from your jurisdiction. By using the Service, you consent to the transfer of your information to these countries.

12. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing of your data.

To exercise any of these rights, contact us using the information below. We will respond within a reasonable timeframe.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Questions? Contact us via WhatsApporDiscord