Privacy Policy

1. Who We Are

Crawl N Chat ("we," "us," "our") is an AI chatbot platform operated by Protemco. We enable businesses to create AI-powered chatbots trained on their own website content using retrieval-augmented generation (RAG).

Contact: info@protemco.com

2. Information We Collect

2.1 Account Data

When you create an account, we collect your name, email address, and password (stored in hashed form). If you sign up via OAuth (e.g., Google), we receive your name, email, and profile picture from the provider.

2.2 Payment Data

Payment processing is handled by Stripe. We do not store full credit card numbers. We retain billing email, transaction IDs, plan details, and payment status for record-keeping.

2.3 Website Crawl Data

When you submit a website URL, our crawler (Puppeteer) visits the publicly accessible pages of that website, extracts text content, chunks it into segments, and generates vector embeddings. This data is stored exclusively for powering your chatbot and is never shared with other customers.

2.4 Chat Conversation Data

We store messages exchanged between your chatbot and its end-users (your website visitors), including message content, timestamps, and session metadata. This data is used to provide conversation history, analytics, and lead capture functionality.

2.5 Lead Data

If you enable lead capture, we collect names, email addresses, and phone numbers that visitors voluntarily provide during chatbot conversations. This data belongs to you (the chatbot owner).

2.6 Usage & Analytics Data

We automatically collect IP address, browser type, device information, pages visited within our platform, feature usage patterns, and error logs to improve our service and troubleshoot issues.

2.7 Cookies

We use essential session cookies to keep you logged in, and may use analytics cookies to understand how our platform is used. Our embeddable chatbot widget may place a session cookie on your visitors' browsers to maintain conversation context.

3. How We Use Your Information

• Providing the Service: Crawling your website, generating embeddings, powering chatbot responses, storing conversation history, and delivering lead capture data.
• Payment Processing: Processing transactions, managing subscriptions and lifetime deal access, and issuing receipts.
• Transactional Emails: Sending account confirmations, password resets, billing notifications, and service updates via Resend.
• Analytics & Improvement: Understanding usage patterns to improve features, fix bugs, and optimize performance.
• Security: Detecting and preventing fraud, abuse, and unauthorized access.
• Customer Support: Responding to your inquiries and resolving issues.

4. Legal Basis for Processing (GDPR)

• Contract Performance: Processing necessary to provide the service you signed up for (account management, chatbot operation, payment processing).
• Legitimate Interest: Analytics, security monitoring, fraud prevention, and service improvement.
• Consent: Marketing emails and non-essential cookies. You may withdraw consent at any time.
• Legal Obligation: Tax records, regulatory compliance, and responding to lawful requests.

5. Third-Party Data Processors

We share data with the following third-party services solely to provide and operate Crawl N Chat:

AI Model Training: Data sent to Anthropic and OpenAI via their APIs is not used to train their models. Both providers' API terms prohibit using API inputs for model training.

6. AI-Specific Disclosures

• Chatbot responses are AI-generated using retrieval-augmented generation. Responses are sourced from your website content, but AI outputs may occasionally be imprecise.
• Your data is never used to train AI models. Content is processed solely to generate responses for your chatbot.
• Crawled website content is chunked, embedded, and stored per-customer. No customer's data is accessible to any other customer.
• You (the chatbot owner) are the data controller for your end-users' interactions with your chatbot. Crawl N Chat acts as a data processor on your behalf.

7. Chatbot Visitor (End-User) Data

When someone interacts with a chatbot you created using Crawl N Chat, we may collect:

• Chat messages and conversation content
• Name, email, and phone number (if lead capture is enabled and the visitor voluntarily provides them)
• Session identifiers and timestamps
• IP address and basic browser information

This data is controlled by you (the chatbot owner). Chatbot visitors who wish to access, correct, or delete their data should contact you directly. You are responsible for informing your visitors about data collection through your own privacy policy.

8. Website Crawling

• Crawling is initiated only by the website owner (or someone authorized by the website owner) who creates a chatbot.
• We only crawl publicly accessible pages. We respect robots.txt directives.
• Crawled content is used exclusively for that customer's chatbot and is not shared, sold, or used for any other purpose.
• We implement rate limiting to avoid impacting your website's performance.

9. Data Retention

• Account data: Retained while your account is active. Deleted within 30 days of account deletion.
• Conversation history: Retained according to your plan tier (7 days Free, 30 days Starter, 180 days Growth, 365 days Agency). You may delete conversations at any time.
• Crawled content & embeddings: Retained while your chatbot is active. Deleted upon chatbot deletion or account closure.
• Payment records: Retained for 7 years per tax and legal requirements.
• Backups: Automatically purged within 30 days of data deletion.

10. Data Security

We implement industry-standard administrative, physical, and technical safeguards to protect your data:

• Encryption in transit: All data transmitted between your browser and our servers is encrypted via TLS/HTTPS.
• Encryption at rest: Data stored in our database is encrypted at rest.
• Access controls: Role-based access, strong authentication, and principle of least privilege.
• Monitoring: Continuous security monitoring and logging.
• Breach notification: In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR, and within 24 hours to applicable partners including AppSumo.

11. Your Rights

Under GDPR (European Economic Area)

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your personal data.
• Portability: Receive your data in a structured, machine-readable format.
• Restriction: Request that we limit processing of your data.
• Objection: Object to processing based on legitimate interest.
• Withdraw consent: Withdraw consent at any time where processing is based on consent.

Under CCPA/CPRA (California)

• Right to Know: Request information about data collected, used, and disclosed.
• Right to Delete: Request deletion of your personal information.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt Out: We do not sell your personal information. We do not share personal information for cross-context behavioral advertising.
• Non-Discrimination: We will not discriminate against you for exercising your rights.

To exercise any of these rights, contact us at info@protemco.com. We will respond within 30 days.

12. International Data Transfers

Your data is processed and stored in the United States. If you are located outside the United States, your data will be transferred to the US for processing. For users in the European Economic Area, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission to ensure adequate protection of your data during transfer.

13. Children's Privacy

Crawl N Chat is not intended for use by children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and/or a prominent notice on our website at least 30 days before changes take effect. Your continued use of Crawl N Chat after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at: