CheapChatbots Logo
← Back to Home

Privacy Policy

Last updated: January 2, 2026

1. Introduction

Welcome to CheapChatbots ("we", "our", or "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website cheapchatbots.com and our AI chatbot services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

CheapChatbots is the data controller responsible for your personal data. If you have any questions about this policy, please contact us at info@cheapchatbots.com.

3. Information We Collect

3.1 Information You Provide

  • Account Information: Email address, name, password (encrypted)
  • Business Information: Company name, website domain, chatbot configuration
  • Payment Information: Processed securely by Stripe (we don't store credit card details)
  • Support Communications: Messages you send to our support team

3.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent (via Vercel Analytics - cookie-free)
  • Authentication Cookies: Essential cookies for keeping you signed in (via Supabase)
  • Device Information: Browser type, device type, IP address
  • Chatbot Conversations: Messages sent to your chatbots by end-users

3.3 Information from Third Parties

  • Website Scraping: Public information from your website for chatbot training
  • Stripe: Payment confirmation and subscription status

4. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: To create, host, and manage your AI chatbots
  • Account Management: To maintain your account and process authentication
  • Billing: To process payments and manage subscriptions
  • Support: To respond to your inquiries and provide customer service
  • Improvement: To analyze usage patterns and improve our services
  • Security: To detect and prevent fraud, abuse, and security incidents
  • Legal Compliance: To comply with legal obligations
  • Communications: To send service updates, security alerts, and (with consent) marketing emails

5. Legal Basis for Processing (GDPR)

  • Contract Performance: Processing necessary to provide our services
  • Legitimate Interest: Improving our services, security, and fraud prevention
  • Legal Obligation: Compliance with tax, accounting, and legal requirements
  • Consent: Marketing communications (opt-in required)

6. Data Sharing and Disclosure

We do not sell your personal data. We only share your data with:

  • Service Providers:
    • Supabase (database and authentication)
    • Vercel (hosting and analytics - cookie-free)
    • Stripe (payment processing)
    • OpenAI/Perplexity (AI chatbot responses)
  • Legal Requirements: When required by law, court order, or to protect our rights
  • Business Transfers: In case of merger, acquisition, or asset sale (with notice)

7. Data Retention

  • Account Data: Retained while your account is active
  • Chatbot Conversations: Retained for service delivery and improvement
  • Deleted Account Data: Anonymized analytics retained; personal data deleted within 30 days
  • Legal Retention: Some data may be retained longer for legal compliance (e.g., payment records for 7 years)

8. Your Rights (GDPR)

You have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limited processing of your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for marketing communications
  • Complain: Lodge a complaint with your data protection authority

To exercise your rights, contact us at info@cheapchatbots.com or use the account deletion feature in your account settings.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (HTTPS/TLS) and at rest
  • Secure authentication with encrypted passwords
  • Regular security audits and updates
  • Access controls and authorization
  • Secure infrastructure provided by Supabase and Vercel

10. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including the United States. We ensure appropriate safeguards are in place through:

  • Standard Contractual Clauses (SCCs) with service providers
  • Service providers certified under relevant data protection frameworks
  • Adequate protection measures as required by GDPR

11. Cookies and Tracking

We use minimal cookies for essential functionality. For detailed information, see our Cookie Policy.

  • Essential Cookies: Authentication (Supabase) - required for service
  • Analytics: Vercel Analytics (cookie-free, privacy-focused)

12. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our website. The "Last updated" date at the top indicates when the policy was last revised.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: