Privacy Policy

Last updated: April 24, 2026

This Privacy Policy explains how Chattery ("we," "us," or "our") collects, uses, and shares information when you use our service at getchattery.com (the "Service").

1. Information We Collect

We collect the following categories of information:

Account information: email address, password hash, display name, company name.
Chatbot configuration: prompts, knowledge documents you upload, widget settings, embed domains.
Conversation data: messages exchanged between your chatbot and your visitors, visitor identifiers (anonymous unless you configure otherwise), timestamps.
Billing information: processed by Stripe; Chattery stores only subscription status and plan tier, not card numbers.
Usage and diagnostic data: IP addresses, user agent, pages visited, error reports.

2. How We Use Your Information

To provide, maintain, and improve the Service.
To generate chatbot responses, which involves sending relevant conversation context and your knowledge content to our AI providers (Anthropic and OpenAI).
To process payments and manage your subscription.
To communicate with you about your account, including security notices and service updates.
To detect, prevent, and address fraud or abuse.

3. Sub-processors

We rely on the following third-party services to operate Chattery:

Supabase — database, authentication, file storage.
Anthropic — AI model for chatbot responses.
OpenAI — embeddings for knowledge retrieval.
Stripe — payment processing.
Resend — transactional email.
Sentry — error monitoring.
Upstash — rate limiting and caching.
Vercel — hosting and content delivery.

4. Data Retention

We retain your account information and conversation data for as long as your account is active. When you delete your account, we remove your personal data within 30 days, except where retention is required by law (e.g., tax records).

5. Your Rights

Depending on your jurisdiction (including the EU/EEA under GDPR and California under CCPA), you may have the right to:

Access a copy of the personal data we hold about you.
Correct inaccurate personal data.
Request deletion of your personal data ("right to be forgotten").
Export your data in a portable format ("data portability").
Object to certain processing activities.

To exercise any of these rights, contact us at privacy@getchattery.com.

6. International Transfers

Your data may be processed in the United States and other countries where our sub-processors operate. Where data is transferred out of the EU/EEA, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Security

We encrypt data in transit (TLS) and at rest (AES-256). Access to production systems is restricted and logged. Despite our safeguards, no system is perfectly secure; we encourage you to use a strong, unique password.

8. Children

Chattery is not intended for children under 16. We do not knowingly collect personal data from children.

9. Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date and, for material changes, notify you by email.

10. Contact

Questions about this policy? Email privacy@getchattery.com.

[LEGAL-REVIEW-NEEDED] This is a draft for review by qualified counsel before public launch. Replace placeholders (entity name, jurisdiction, DPA availability, retention specifics) and confirm GDPR/CCPA compliance before removing this banner.