Privacy Policy

We collect the following categories of information:

• Account Information: Email address and authentication credentials when you create an account.
• Bot Configuration Data: Prompts, settings, integrations, and other content you provide when creating and configuring bots.
• Conversation Data: Messages exchanged between your bots and their end users, including text, attachments, and metadata (timestamps, channel identifiers).
• Usage Data: Information about how you interact with the Service, including pages visited, features used, bot activity metrics, and error logs.
• Payment Information: Billing details are processed by our third-party payment provider (Polar / Stripe). We do not store full credit card numbers on our servers.
• Third-Party Account Data: When you connect external services (Google, Telegram, WhatsApp, Facebook, etc.), we receive and store authentication tokens and necessary identifiers to operate integrations on your behalf.

• To provide, maintain, and improve the Service.
• To process and deliver conversations between your bots and their end users.
• To debug issues, monitor performance, and improve service reliability.
• To process payments and manage your subscription.
• To send you service-related communications, including updates, security alerts, and support messages.
• To detect, prevent, and address fraud, abuse, or violations of our Terms of Service.
• To comply with legal obligations.

We do not sell your personal information, and we do not transfer it to third parties for advertising, data brokering, credit assessment, lending, or AI model training. We may share your information in the following circumstances:

• AI Model Providers: Conversation content is sent to third-party AI model providers (such as Google and OpenAI) solely to generate bot responses in real time. We use these providers under terms that prohibit the use of your data, including Google user data, for training their models. These providers process data according to their own privacy policies and data processing agreements.
• Channel Platforms: When your bots operate on third-party platforms (Telegram, WhatsApp, Facebook Messenger, etc.), message data is transmitted through those platforms according to their respective privacy policies.
• Payment Processors: Billing information is shared with our payment processor to process transactions.
• Legal Requirements: We may disclose information when required by law, in response to valid legal process, or to protect the rights, property, or safety of prompt2bot, our users, or the public.
• Law Enforcement: We will report illegal content (including child sexual abuse material) to the appropriate authorities, including the National Center for Missing & Exploited Children (NCMEC), and preserve associated data as required.

Our use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Google Data Collection:

When you connect your Google account or use Google-integrated services, we may access and collect Google user data. This includes:

• Google account profile information (such as email address, name, and profile picture) to authenticate your identity.
• Authentication tokens and integration metadata required to operate the connected Google integrations.
• Specific contents and resources (such as Google Sheets data, Calendar events, Gmail messages, Docs, and files in Google Drive) that you explicitly authorize your bots to access, read, create, or modify on your behalf.

Google Data Usage:

We use Google user data solely to:

• Provide, operate, and maintain the integrations you configure (e.g., allowing your bots to read Sheets, schedule events, or send emails on your behalf).
• Authenticate your account and verify access.
• Improve and optimize the user-facing functionality of the Service.

Google Data Sharing & Disclosure:

We do not sell Google user data to third parties, and we do not transfer or disclose Google user data for reasons other than providing or improving your application's functionality. Specifically, Google user data is never used or transferred for:

• Serving targeted, personalized, retargeted, or interest-based advertisements.
• Selling to data brokers or information resellers.
• Determining credit-worthiness or for lending purposes.
• Creating databases for other applications or commercial purposes.
• Training machine learning or AI models.

Google user data is never shared with humans, except with your explicit consent, as required for security purposes (such as investigating abuse), or to comply with applicable law.

Google Data Protection & Security:

We implement rigorous security procedures and data protection mechanisms to protect the confidentiality and integrity of Google user data:

• All Google user data, including OAuth tokens and credentials, is encrypted in transit using Transport Layer Security (TLS) and encrypted at rest using strong industry-standard encryption algorithms.
• We employ secure, restricted credential storage and access control mechanisms to prevent unauthorized access.

Google Data Retention & Deletion:

We retain Google user data (including OAuth tokens) only for as long as your account is active and connected, or as needed to provide the requested integrations. You can disconnect your Google account or request the deletion of your account at any time. Upon account deletion or disconnection, we will securely delete or anonymize your Google user data and credentials from our active databases within a reasonable timeframe, unless a longer retention period is required by law.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to certain processing of your data.

To exercise any of these rights, contact us using the information below. We will respond within a reasonable timeframe.