Privacy Policy

1. Information We Collect

Account Information: When you sign up for EchoSite, we collect your name, email address, and payment information (processed securely through Stripe). This information is essential for creating your account, processing payments, and communicating with you about your service.

Business Knowledge Data: You provide the information that trains your AI chatbot, including business details, FAQ content, product information, and any other knowledge you choose to share. This data is stored securely and used exclusively to power your chatbot's responses.

Lead Capture Data: When your chatbot captures a lead, we store the visitor's email address, their question or message, timestamp, and any other information they voluntarily provide. This data is collected on your behalf and displayed in your dashboard for follow-up.

Usage Information: We automatically collect information about how you interact with our service, including pages visited, features used, conversation volumes, and technical data like IP addresses and browser types. This helps us improve our service and troubleshoot issues.

2. How We Use Your Information

We use the information we collect for specific, limited purposes:

• Service Delivery: To provide and maintain your AI chatbot functionality, including processing conversations and displaying captured leads
• Account Management: To manage your subscription, process payments, and communicate important account updates
• Customer Support: To respond to your questions, resolve technical issues, and provide assistance when needed
• Service Improvement: To analyze usage patterns, identify bugs, and develop new features that benefit our users
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

What we DON'T do: We never sell your data to third parties. We never use your business knowledge or lead data for advertising. We never share your information with competitors or use it to train AI models for other customers.

3. Data Storage and Security

Your data security is paramount to us. We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
• Secure Infrastructure: We host our services on secure, SOC 2 compliant cloud infrastructure with regular security audits
• Access Controls: Strict internal access controls ensure only authorized personnel can access your data, and only when necessary for support or maintenance
• Regular Backups: Your data is backed up daily to prevent loss from technical failures or disasters
• Payment Security: We never store your credit card information—all payments are processed through Stripe's PCI-compliant secure payment platform

4. Data Sharing and Third Parties

We share your information only with trusted service providers who help us operate our business:

• Stripe: For secure payment processing (subject to Stripe's privacy policy)
• Cloud Hosting Provider: For secure data storage and service infrastructure
• Email Service: For sending transactional emails and important account notifications

All third-party providers are carefully vetted, bound by strict confidentiality agreements, and prohibited from using your data for any purpose other than providing their specific service to us. We never sell, rent, or share your data with advertisers or marketers.

5. Your End Users' Privacy

Your Responsibility: As an EchoSite customer, you act as a data controller for any personal information collected from your website visitors through the chatbot. You are responsible for:

• Providing clear notice to visitors that they're interacting with an AI chatbot
• Disclosing in your own privacy policy that visitor data may be collected and stored
• Obtaining appropriate consent for data collection where required by law (e.g., GDPR, CCPA)
• Handling lead data in compliance with applicable privacy laws

Our Role: EchoSite acts as a data processor, storing and managing lead data on your behalf. We follow your instructions regarding this data and maintain security measures to protect it.

6. Your Privacy Rights

You have full control over your data. Your rights include:

• Access: Request a copy of all personal data we hold about you
• Correction: Update or correct any inaccurate information in your account
• Deletion: Request deletion of your account and all associated data (subject to legal retention requirements)
• Export: Download your business knowledge and lead data at any time through your dashboard
• Objection: Object to certain data processing activities, such as marketing communications

To exercise any of these rights, simply contact us atscale@quantumiq.dev. We will respond within 30 days.

7. Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: Your data is retained for the duration of your subscription
• Canceled Accounts: After cancellation, we retain your data for 30 days to allow for reactivation, then it's permanently deleted
• Legal Requirements: Some data (like billing records) may be retained longer to comply with tax and accounting regulations

8. Cookies and Tracking

EchoSite uses minimal cookies and tracking technologies:

• Essential Cookies: Required for authentication and basic service functionality
• Analytics: We use privacy-friendly analytics to understand how our service is used and identify areas for improvement
• No Advertising: We do not use cookies for advertising or tracking across other websites

9. International Data Transfers

EchoSite operates globally and may transfer your data to servers located outside your country of residence. We ensure all international transfers comply with applicable data protection laws through appropriate safeguards, including standard contractual clauses where required.

10. Children's Privacy

EchoSite is not intended for use by individuals under 16 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately so we can delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of any material changes by email or through a prominent notice on our website at least 30 days before changes take effect. We encourage you to review this policy regularly to stay informed about how we protect your information.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: scale@quantumiq.dev

We take privacy inquiries seriously and will respond promptly to address your concerns.