Privacy Policy

BotPulse (“we”, “us”) operates the botpulse.app platform. This policy explains what data we collect, why, and how we handle it.

Account data — email address, provided during sign-up via magic link authentication.

Billing data — payment information processed by Stripe. We never store card numbers.

Workspace data — messages and conversations handled by your assistant and isolated per customer.

Session data — IP address and browser user-agent, collected automatically during authentication and stored for the duration of your session (up to 30 days).

Usage data — setup activity, workspace status, and basic analytics to operate the service.

• Provision and manage your assistant workspace
• Process subscription payments
• Send transactional emails (auth, billing, status alerts)
• Debug issues and improve the service
• Enforce our Terms and Conditions
• Comply with legal obligations

We do not sell your data. We do not run ads. We may share data with third parties as required to operate the service (Stripe for payments, Cloudflare for hosting, Resend for email).

If you are in the European Economic Area (EEA), we process your personal data under the following legal bases:

• Contractual necessity (Art. 6(1)(b)) — account creation, workspace provisioning, billing, and transactional emails are necessary to deliver the service you subscribed to.
• Legitimate interest (Art. 6(1)(f)) — session data (IP address, user-agent), setup activity, and usage data are collected to secure the service, debug issues, and prevent fraud.
• Legal obligation (Art. 6(1)(c)) — we may retain certain data to comply with tax, accounting, or legal requirements.

We may disclose your information, including account data, workspace data, and usage data, without notice to you when we believe in good faith that disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms and Conditions; (c) protect the rights, property, or safety of BotPulse, our users, or the public; (d) detect, prevent, or address fraud, security, or technical issues; or (e) respond to an emergency.

Data is stored on Cloudflare’s infrastructure and in our managed assistant runtime. Workspace conversations are isolated per customer. All connections use TLS encryption.

While we implement reasonable security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee the absolute security of your data.

The Service relies on third-party providers (Cloudflare, Stripe, Resend). We are not responsible for the privacy practices, security, availability, or actions of these providers. Your use of the Service constitutes acceptance of their respective terms and policies.

Your data may be transferred to and processed in the United States and other countries where our service providers (Cloudflare, Stripe, Resend) operate. These transfers are necessary to provide the Service. Where data is transferred outside the EEA, we rely on the service providers’ compliance mechanisms, including Standard Contractual Clauses (SCCs) and applicable adequacy decisions.

Account and workspace data is retained while your subscription is active. After cancellation or termination, we generally delete data within 30 days. You may export your data before deletion via your dashboard settings.

BotPulse shall not be liable for any loss, deletion, corruption, or unavailability of your data, regardless of cause. You are solely responsible for maintaining backups of any data you consider important.

We use essential cookies only. These are required for authentication and session management. We do not use analytics, advertising, or tracking cookies. No third-party cookies are set by our application.

You can export or delete your data at any time from your dashboard settings. You may also contact support@botpulse.app for assistance with data requests.

Under the GDPR, you have the right to access, rectify, erase, restrict processing, object to processing, and port your personal data. Account deletion anonymizes your personal information and cancels any active subscription.

If you are in the EEA, you also have the right to lodge a complaint with your local data protection supervisory authority.

Your assistant workspace processes conversations with third parties (your end-users). You are the data controller for all personal data processed by your workspace. You are solely responsible for: (a) informing your end-users that they are interacting with an AI assistant; (b) obtaining any necessary consents for data collection and processing; (c) complying with all applicable data protection laws (including GDPR, CCPA, and any other relevant regulations); and (d) responding to data subject requests from your end-users. BotPulse acts only as a data processor on your behalf and accepts no liability for your compliance failures.

We may update this policy at any time. Changes are effective immediately upon posting. Continued use of the Service constitutes acceptance. It is your responsibility to review this policy periodically.

Questions? Email support@botpulse.app.