// Legal

PRIVACY
POLICY

Last updated: May 2026

We build AI texting agents for trade businesses. This policy explains what data we collect, why we collect it, who we share it with, and how you can control it. We wrote this to be readable — not to bury things in legalese.

1. WHO THIS APPLIES TO

This policy applies to two groups of people:

Business clients — trade business owners who use our platform to deploy an AI texting agent for their customers.
End customers — homeowners and individuals who interact with an AI agent deployed by one of our business clients, or who use the live demo on this website.

2. INFORMATION WE COLLECT

From business clients

Business name, contact name, email address, phone number
Business details: service area, pricing, hours, services offered
Calendar credentials (to enable live appointment booking)
Payment information (processed by our payment provider — we do not store card numbers)

From end customers (via text conversations)

Name, phone number, and email address (when provided during booking)
Service address (when scheduling an appointment)
The content of text conversations with the AI agent
Appointment details: date, time, job type

From website visitors and demo users

Messages sent through the live demo chat on this website
A randomly generated session ID (created fresh each visit, not tied to your identity)
No cookies, no tracking pixels, no fingerprinting
No IP addresses stored by us (Cloudflare may log these at the network layer per their own policy)

3. HOW WE USE YOUR INFORMATION

To operate and deliver the AI texting agent service
To book appointments on behalf of business clients
To route escalations to the appropriate human operator
To improve the accuracy of the AI agent's responses
To send booking confirmations and reminders
To calculate usage and billing for business clients
To debug errors and maintain service reliability

We do not use your data for advertising. We do not sell your data. Ever.

4. AI PROCESSING AND THIRD-PARTY PROVIDERS

Our AI agents are powered by large language models. When a customer sends a message, that message — along with relevant business knowledge — is sent to one or more of the following AI providers to generate a response:

Anthropic (Claude models) — Privacy Policy
OpenAI (GPT models) — Privacy Policy
Google (Gemini models and embeddings) — Privacy Policy
Groq (fast inference) — Privacy Policy

Message content is transmitted to these providers solely to generate a response. We do not authorise these providers to use your data for training their models beyond what their own policies permit. We recommend reviewing each provider's policy if this is a concern.

We also use Supabase for database storage. Conversation history and customer data is stored in Supabase-hosted PostgreSQL. Supabase Privacy Policy.

5. DATA STORAGE AND RETENTION

Conversation history is stored per customer per business client in our database
Business client data is retained for the duration of the client relationship plus 90 days
End customer conversation data is retained for 12 months from the last interaction, then deleted
Demo conversations from this website are deleted within 24 hours
Audit logs are retained for 12 months for security and debugging purposes
LLM usage logs (token counts, costs) are retained for billing purposes for 24 months

6. DATA SHARING

We share data only in the following circumstances:

With the business client — the trade business you are texting has access to your conversation history and booking details. This is necessary for them to serve you.
With AI providers — as described in Section 4, message content is sent to AI providers to generate responses.
With calendar providers — booking details are sent to the business's calendar system (Cal.com or Google Calendar) to create appointments.
Legal requirements — we may disclose data if required by law, court order, or to protect our legal rights.

We do not share, sell, or rent data to advertisers, data brokers, or any third party for commercial purposes.

7. YOUR RIGHTS

Depending on your location, you may have the following rights:

Access — request a copy of the data we hold about you
Correction — request that inaccurate data be corrected
Deletion — request that your data be deleted (we can delete all records associated with your phone number or email)
Portability — request your conversation data in a machine-readable format
Objection — object to how we process your data

To exercise any of these rights, contact us at the address in Section 10. We will respond within 30 days.

8. SECURITY

We take security seriously. Our measures include:

All data transmitted over HTTPS / TLS
Database access restricted to service role keys — not public-facing
Row-level security policies on all database tables
API endpoints protected by bearer token authentication
No customer data exposed in browser-side code
Regular API key rotation
Audit logging of all system events

No system is perfectly secure. In the event of a data breach that affects your personal data, we will notify affected parties within 72 hours of becoming aware.

9. CHILDREN'S PRIVACY

Our service is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it promptly.

10. CHANGES TO THIS POLICY

We may update this policy as our service evolves. Material changes will be communicated to business clients via email. The "Last updated" date at the top of this page reflects when the policy was last changed.

11. CONTACT

TradeBot AI

For privacy requests, data deletion, or questions about this policy:

Email: [email protected]

Response time: within 30 days

PRIVACYPOLICY