🤖 AskingToBot
Home Pricing Login Get Started

Privacy Policy

Last updated: January 06, 2026 | Version 1.0

At AskingToBot, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered chatbot service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name
  • Email address
  • Password (encrypted and hashed)
  • Account creation date and IP address
  • Terms acceptance timestamp and IP address

1.2 Chatbot and Service Data

When you use our service, we collect:

  • Chatbot configurations: Settings, customizations, and branding you apply to your chatbots
  • Training data: Question and answer pairs you provide to train your chatbot
  • Uploaded documents: PDF files, markdown files, text files, and URLs you upload for AI-powered responses
  • Conversation logs: Chat sessions between your chatbot and your website visitors (leads)
  • Lead information: Visitor names, emails, and messages collected through your chatbots

1.3 Usage and Analytics Data

We automatically collect:

  • IP addresses and geolocation data
  • Browser type and version
  • Device information (desktop, mobile, tablet)
  • Pages visited and features used
  • Time spent on the platform
  • Performance metrics and error logs

1.4 Payment Information

We use third-party payment processors (Razorpay and Stripe) to handle all payment transactions. We do not store your full credit card details on our servers. We only retain:

  • Last 4 digits of your card (for identification)
  • Card brand (Visa, Mastercard, etc.)
  • Billing email address
  • Subscription status and billing history

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service delivery: To provide, operate, and maintain our chatbot platform
  • Account management: To create and manage your user account
  • AI features: To generate embeddings and AI-powered responses using your training data
  • Payment processing: To process subscriptions and handle billing
  • Communication: To send transactional emails (welcome, payment confirmations, service updates)
  • Customer support: To respond to your inquiries and provide assistance
  • Platform improvement: To analyze usage patterns and improve our service
  • Security: To detect and prevent fraud, abuse, and security incidents
  • Legal compliance: To comply with legal obligations and enforce our terms

3. Data Storage and Security

3.1 Data Storage

Your data is stored securely using:

  • Database: PostgreSQL 14+ with encryption at rest
  • File storage: Secure server storage for uploaded documents
  • Vector embeddings: pgvector extension for AI-powered search (1536 dimensions)
  • Hosting: DigitalOcean data centers with enterprise-grade security

3.2 Security Measures

We implement industry-standard security practices:

  • Encryption: HTTPS/SSL for all data transmission
  • Password security: Bcrypt hashing for all user passwords
  • Access control: Role-based access restrictions
  • Regular backups: Automated daily database backups
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Updates: Regular security patches and software updates

Note: While we implement strong security measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

4. Data Sharing and Third Parties

We share your data with the following third-party services:

4.1 Essential Service Providers

  • OpenAI: For generating AI embeddings and chatbot responses (text-embedding-3-small and GPT-3.5-turbo models). Your training data is sent to OpenAI's API for processing.
  • Razorpay & Stripe: For payment processing and subscription management. They receive your billing information and payment details.
  • DigitalOcean: For hosting and infrastructure. Your data is stored on their servers.

4.2 Optional Analytics

  • Google Analytics: If enabled, collects anonymous usage data to help us improve the platform. You can opt out using browser extensions.

4.3 What We Don't Do

We want to be clear about what we DO NOT do with your data:

  • ❌ We do not sell your personal data to third parties
  • ❌ We do not use your data for advertising purposes
  • ❌ We do not share your chatbot training data with competitors
  • ❌ We do not train AI models on your proprietary data without explicit consent

5. Your Data Rights

You have the following rights regarding your personal data:

5.1 Right to Access

You can access all your data through your account dashboard. This includes your chatbots, training data, conversation logs, and account settings.

5.2 Right to Export (Data Portability)

You can export your leads data (chat conversations and visitor information) in machine-readable format (CSV or JSON) at any time through your account settings. After account cancellation, you have a 30-day window to export this data.

5.3 Right to Deletion

You can request deletion of your account and all associated data at any time. Upon deletion:

  • Your account will be permanently deactivated
  • All chatbots, training data, and uploaded documents will be deleted within 30 days
  • Leads data will be available for export for 30 days, then permanently deleted
  • Your email will be removed from our marketing lists

5.4 Right to Correct

You can update your account information (name, email, password) at any time through your profile settings.

5.5 Right to Object

You can object to processing of your data for marketing purposes by unsubscribing from promotional emails or contacting us at mandeep@askingtobot.com.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies:

6.1 Essential Cookies

Required for the platform to function:

  • Session cookies: To keep you logged in and maintain your session
  • CSRF tokens: To protect against cross-site request forgery attacks
  • Authentication cookies: To remember your login state

6.2 Analytics Cookies (Optional)

If Google Analytics is enabled, we use cookies to collect anonymous usage statistics. These cookies help us understand how users interact with the platform.

Managing Cookies: You can control cookies through your browser settings. Note that disabling essential cookies may affect platform functionality.

7. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure adequate safeguards are in place:

  • DigitalOcean data centers with enterprise security certifications
  • OpenAI API with data processing agreements
  • Standard contractual clauses for international transfers

8. Data Retention

We retain your data for the following periods:

  • Active accounts: Data retained indefinitely while your account is active
  • Cancelled subscriptions: 30-day grace period for data export
  • Deleted accounts: All data permanently deleted within 30 days
  • Billing records: Retained for 7 years for tax and legal compliance
  • Security logs: Retained for 90 days for fraud prevention

9. Children's Privacy

Our service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at mandeep@askingtobot.com.

10. GDPR Compliance (EU Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal basis for processing: Contract performance (providing the service you signed up for)
  • Right to lodge a complaint: You can file a complaint with your local data protection authority
  • Right to restriction: You can request to restrict processing of your data in certain circumstances
  • Automated decision-making: We do not use automated decision-making or profiling

11. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know: What personal information we collect and how we use it
  • Right to delete: Request deletion of your personal information
  • Right to opt-out: We do not sell personal information, so no opt-out is necessary
  • Non-discrimination: We will not discriminate against you for exercising your CCPA rights

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:

  • Email notification to your registered email address
  • Prominent notice on our website
  • Updating the "Last updated" date at the top of this policy

Your continued use of the service after changes to this Privacy Policy constitutes acceptance of the updated terms.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: mandeep@askingtobot.com

Service: AskingToBot

We will respond to your inquiry within 30 days of receipt.

Back to Home