Privacy Policy

Last updated: March 4, 2026

1. Overview

Annona Bot ("we", "us") is committed to protecting the privacy of our customers ("you") and their end users ("visitors"). This policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

From you (account holders):

  • Name, email address, company name (at registration)
  • FAQ content you upload (questions, answers, categories)
  • Widget configuration and preferences
  • Payment information (processed by our payment provider, not stored by us)

From visitors (chat widget users):

  • Chat messages sent to the widget
  • Session identifiers (randomly generated, not linked to personal identity)
  • Browser language and general metadata (user agent, referrer)
  • Feedback responses (thumbs up/down)

We do not collect: names, email addresses, or any personally identifiable information from visitors unless they voluntarily include it in a chat message. We store truncated IP addresses for rate limiting and abuse prevention only; these are not linked to chat content or used for tracking.

3. How We Use Data

  • FAQ content: Processed and used to match visitor questions. Not shared with third parties or used to train AI models.
  • Chat messages: For certain services, chat messages may be processed by AI technology to generate responses. Messages are processed in real-time and are not retained for model training purposes.
  • Analytics: Aggregated, anonymized usage data (query counts, resolution rates, language distribution) is shown in your dashboard.
  • Session data: Used to maintain conversation context within a single browsing session. Automatically expires after 30 minutes of inactivity.

4. Third-Party Services

Some of our services may use AI technology to assist with response generation and content matching. Where external providers are involved, data is processed in real-time and we select providers that do not use customer data for model training.

5. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account termination.
  • Conversation data: Retention varies by plan — from 30 days to unlimited. Old messages are periodically cleaned up in accordance with your plan's retention policy.
  • Cached responses: Temporarily cached for performance. Cache entries expire within 1-24 hours depending on your plan.

6. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (HTTPS) for all communication
  • API keys and passwords are securely hashed — we never store them in plain text
  • Tenant isolation — each company's data is logically separated
  • Rate limiting and abuse prevention mechanisms

7. Your Rights

You have the right to:

  • Access, correct, or delete your account data at any time
  • Request deletion of all conversation data associated with your company
  • Close your account and have all data removed

8. Your Responsibilities

As a chatbot operator, you are responsible for:

  • Informing your website visitors that they are interacting with an AI chatbot
  • Providing a privacy notice on your website that covers the use of Annona Bot
  • Ensuring your FAQ content does not contain sensitive personal data
  • Complying with applicable data protection laws in your jurisdiction

9. Cookies

The chat widget uses browser session storage (not cookies) to maintain conversation state. This data is automatically cleared when the browser tab is closed and is not shared across tabs or sessions.

10. Changes to This Policy

We may update this policy from time to time. We will notify account holders of material changes via email. Continued use of the Service after changes constitutes acceptance.

11. Contact

For privacy-related questions or data requests, contact us at [email protected].