Privacy Policy

We collect the following types of information:

Account Data: When you register, we collect your name, email address, and password (stored as a secure hash). If you subscribe to a paid plan, we collect billing information through our payment processor (Stripe).

Usage Data: We automatically collect information about how you use the Service, including pages visited, features used, and interaction patterns. This helps us improve the Service.

Chat Data: When your connected bots receive messages, those messages are processed by our AI system to generate responses. We store conversation data to provide the Service and generate analytics.

We use your information to: provide and maintain the Service; process subscriptions and payments; send transactional emails (verification, password reset, billing); generate analytics and usage reports for your dashboard; improve the Service and develop new features; protect against fraud, abuse, and security threats.

We do not sell your personal information to third parties. We do not use your chat data to train AI models.

To provide the Service, we share data with the following categories of processors:

Messaging Platforms: Meta (for Facebook Messenger and WhatsApp) and Telegram receive and deliver messages through their APIs. Messages are subject to each platform's data policies.

AI Providers: Google (Gemini), OpenAI, and Anthropic (Claude) process message content to generate AI responses. These providers act as data processors and process data according to their respective data processing agreements.

Payment Processor: Stripe handles all payment and billing data. We do not store credit card numbers on our servers.

Email Service: Resend processes transactional emails (verification, password reset) on our behalf.

We use strictly necessary cookies to operate the Service. These include authentication cookies and language preference cookies. We do not use tracking, analytics, or advertising cookies.

For detailed information about the specific cookies we use, please refer to our Cookie Policy.

We retain your account data for as long as your account is active. Chat data and analytics are retained according to your subscription plan's data retention period.

When you delete your account, we retain your data for 30 days to allow for recovery or data export. After this period, all personal data is permanently deleted from our systems and backups within 90 days.

We implement appropriate technical and organizational measures to protect your data, including: encryption in transit using TLS/SSL; secure password hashing using Argon2; httpOnly cookies to prevent cross-site scripting attacks; Redis-backed rate limiting to prevent brute-force attacks; regular security reviews and updates.

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

Depending on your location, you may have the following rights regarding your personal data:

Right to Access: Request a copy of the personal data we hold about you. Right to Rectification: Request correction of inaccurate personal data. Right to Deletion: Request deletion of your personal data. Right to Data Portability: Request your data in a structured, machine-readable format. Right to Restrict Processing: Request that we limit how we use your data. Right to Withdraw Consent: Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at legal@projectfire.com. We will respond within 30 days.

Your data may be processed in countries other than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses or equivalent legal mechanisms approved by relevant data protection authorities.

By using the Service, you acknowledge that your data may be transferred to and processed in these locations.

The Service is not directed at children under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

If you believe a child has provided us with personal information, please contact us at legal@projectfire.com.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through an in-app notification at least 14 days before the changes take effect.

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy. If you disagree with the changes, you may delete your account before they take effect.

If you have questions about this Privacy Policy or our data practices, please contact us at legal@projectfire.com. We aim to respond to all inquiries within 30 days.