Privacy Policy - Easy AI Chat Bot by Sans Terra

Last Updated: 4/16/2026

Introduction

Sans Terra ("we," "us," or "our") operates the Easy AI Chat Bot WordPress plugin ("the Plugin"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Plugin and related services.

Important: This Plugin relies on external AI services to function. By using the Plugin, your data will be transmitted to and processed by our servers and third-party AI providers.

1. Information We Collect

1.1 Account Information

When you create an account and obtain an API key:

  • Email address
  • Domain name(s) you register
  • API key identifier
  • Account creation date
  • Subscription tier (free/premium)

1.2 Website Content and Bot Configuration

When you configure the Plugin:

  • WordPress page content you select for training (up to 4 pages on free tier)
  • Bot personality and rules you configure
  • Bot name and greeting messages
  • Custom knowledge base text
  • Business summary text
  • Notification email addresses
  • Notification rule configurations

Important: Each time a visitor sends a chat message, the bot's configured personality, rules, knowledge base text, and business summary are transmitted along with the message to the AI provider as contextual instructions. This means your training content leaves your WordPress site with every chat request in order to generate relevant responses.

1.3 Conversation Data

When visitors interact with your chatbot:

  • User messages sent to the bot
  • Bot responses generated
  • Conversation session IDs
  • Message timestamps
  • Number of messages per conversation
  • Domain where conversation occurred

Where conversations are stored: Conversation logs are stored in the site owner's own WordPress database — not on Sans Terra's servers. This means site owners retain direct control over their conversation data and can view, export, or delete it at any time from their WordPress admin dashboard.

1.4 Usage Information

Automatically collected when you use the Plugin:

  • Monthly message count
  • API key validation attempts
  • Error logs and debugging information
  • Plugin version
  • WordPress version
  • PHP version

1.5 Technical Information

  • IP addresses (for security and abuse prevention)
  • Browser type and version
  • Device type
  • Geographic location (country/region level only)

1.6 Subscription and Billing Information (Pro Users)

If you subscribe to a premium plan:

  • Handled by Stripe: All payment card details and billing credentials are collected and processed exclusively by Stripe. Sans Terra never receives, stores, or has access to your full credit card number or payment credentials.
  • Stored in your WordPress database: Subscription status, plan tier, Stripe customer ID, and basic invoice metadata (such as amount and date) are stored locally in your WordPress database to manage your subscription features.

1.7 Information We Do NOT Collect

  • Visitor names, emails, or contact information (unless they voluntarily provide it in chat)
  • Full payment card numbers or billing credentials (these are handled exclusively by Stripe)
  • Passwords (except your account password, which is hashed)
  • Visitor browsing history outside of chat interactions

2. How We Use Your Information

2.1 Primary Service Functions

  • Process chat requests: Send visitor messages to AI models and return responses
  • Train your bot: Use selected page content to generate relevant responses
  • Send notifications: Email you when specific conversation triggers occur
  • Manage usage limits: Track your monthly message count (100/month on free tier)
  • Store conversations: Save chat history for your review in the admin dashboard of the WordPress website on which the bot is installed.

2.2 Service Improvement

  • Analyze usage patterns: Understand how the Plugin is used (aggregated, anonymized data)
  • Fix bugs: Identify and resolve technical issues
  • Improve AI responses: Refine bot training and response quality
  • Develop features: Plan new functionality based on usage trends

2.3 Security and Compliance

  • Prevent abuse: Detect suspicious activity and API key misuse
  • Rate limiting: Enforce usage limits fairly
  • Legal compliance: Meet legal obligations and respond to lawful requests

2.4 Communication

  • Service announcements: Notify you of updates, maintenance, or important changes
  • Support: Respond to your help requests
  • Marketing: Send information about premium features (you can opt out)

3. How We Share Your Information

3.1 Third-Party Service Providers

We share data with trusted third parties who help us operate:

AI Model Providers (e.g., OpenAI, Anthropic):

  • Data Shared: Visitor messages, conversation history for the current user session, and your bot's configured personality, rules, knowledge base text, and business summary — all sent as context with each chat request
  • Purpose: Generate AI responses to visitor questions
  • Policies: These providers have their own data retention and privacy policies that also apply to the data they receive. Please review them directly:
  • Data Retention: Sans Terra does not retain message text on its servers after the AI response is delivered. However, the AI providers may retain data per their own policies (typically 30 days or less). Refer to their privacy policies linked above for current details.

Hosting Infrastructure:

  • Data Shared: All data necessary to operate the service
  • Purpose: Store and process data securely
  • Security: Encrypted storage and transmission

Sans Terra Workflow Server (n8n):

  • Data Shared: Conversation data, API requests, bot configuration context
  • Purpose: Route and process chatbot requests between the Plugin and AI providers
  • Infrastructure: All chat requests are routed through our self-hosted n8n workflow platform running on a Sans Terra-managed VPS (vps.sansterra.com). This is our own infrastructure — not a third-party SaaS product. Data processed by this server is subject to the same security and privacy standards described in this policy.

3.2 Payment Processor (Pro Users)

Stripe:

  • Data Shared: Payment card details, billing address, and transaction information are collected and processed directly by Stripe. Sans Terra does not receive or store full payment card numbers.
  • Data Stored Locally: Subscription status, plan tier, Stripe customer ID, and basic invoice metadata are stored in your WordPress database to manage premium features.
  • Purpose: Process subscription payments, manage billing portal sessions, and handle webhook events for plan changes
  • Policy: https://stripe.com/privacy

3.3 We Do NOT Sell Your Data

We never sell, rent, or trade your information to third parties for marketing purposes.

3.4 Legal Requirements

We may disclose information if required to:

  • Comply with legal obligations (court orders, subpoenas)
  • Protect our rights and property
  • Prevent fraud or abuse
  • Protect user safety

3.5 Business Transfers

If Sans Terra is acquired or merged, your account information may be transferred to the new entity (you'll be notified in advance).

3.6 Third-Party Site Embedding (Pro Business)

The Pro Business plan includes a JavaScript embed feature that allows site owners to deploy their chatbot on external websites outside of their WordPress installation. When a visitor on a third-party site interacts with an embedded chatbot:

  • Chat messages are routed through the Plugin's embed-chat REST endpoint on the site owner's WordPress installation
  • Origin and CORS checks are performed to verify the request comes from an authorized domain
  • The same data described in Section 1.3 (Conversation Data) is collected and stored in the site owner's WordPress database
  • The same browser localStorage items described in Section 8 are set in the visitor's browser
  • All data flows through Sans Terra's workflow server and AI providers as described in Section 3.1

Site owners who use the embed feature are responsible for disclosing the chatbot's data practices in the privacy policy of the site(s) where the embed is deployed.

4. Data Retention

4.1 How Long We Keep Data

Account Information: Until you delete your account, plus 30 days
Conversation History: Conversation logs are stored in the site owner's WordPress database indefinitely until the site owner chooses to delete them. The Plugin provides a conversation management interface where site owners can review and manually purge conversations at any time. Sans Terra does not automatically delete conversation data from your database.
Bot Training Content: Until you update or delete it
Usage Logs: 90 days
Backup Data: 30 days in encrypted backups

4.2 Deletion Requests

You can request deletion of your data at any time (see Section 7).

5. Data Security

5.1 Security Measures

We implement industry-standard security practices:

  • Encryption: HTTPS/TLS for data in transit, encryption at rest for sensitive data
  • Access Controls: Role-based access, principle of least privilege
  • Authentication: API key validation, secure password hashing
  • Monitoring: Automated abuse detection, security logging
  • Regular Updates: Timely security patches and updates

5.2 Your Responsibilities

  • Keep your API key confidential
  • Use strong passwords
  • Report security issues immediately
  • Review conversation logs regularly

5.3 No Absolute Security

No system is 100% secure. We cannot guarantee absolute security but will notify you promptly of any data breaches affecting your information.

6. International Data Transfers

6.1 Where Your Data Goes

Our servers are located in the United States. If you're in the EU, EEA, UK, or other regions with data transfer restrictions, your data may be transferred to and processed in countries with different privacy laws.

6.2 Safeguards

We rely on:

  • Standard Contractual Clauses (where applicable)
  • Adequate security measures
  • Third-party provider certifications

7. Your Privacy Rights

7.1 Rights for All Users

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Export: Download your data in a portable format
  • Opt-out: Unsubscribe from marketing emails

7.2 Additional Rights (GDPR - EU/EEA/UK)

If you're in the EU, EEA, or UK, you also have the right to:

  • Data Portability: Receive your data in machine-readable format
  • Object to Processing: Object to processing based on legitimate interests
  • Restrict Processing: Request limited processing in certain circumstances
  • Lodge a Complaint: File a complaint with your local data protection authority

7.3 Additional Rights (CCPA - California)

If you're a California resident, you have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed
  • Opt-out of sale (we don't sell data)
  • Non-discrimination for exercising your rights

7.4 How to Exercise Your Rights

Contact us at: [your-email@sansterra.com]

We'll respond within:

  • 30 days (general requests)
  • 1 month (GDPR requests)
  • 45 days (CCPA requests)

8. Cookies, Browser Storage, and Tracking

8.1 Browser Local Storage

The Plugin does not use traditional cookies. Instead, it uses the visitor's browser localStorage to store the following data on the visitor's device:

  • chatSessionId: A unique session identifier to maintain conversation continuity
  • chatHistory: The visitor's recent conversation messages, stored locally so the chat history persists if the widget is closed and reopened
  • chatLastActivity: A timestamp of the visitor's last chat interaction, used to manage session timeouts

This data is stored only in the visitor's browser and is not transmitted to Sans Terra's servers (though the session ID is included in chat requests to maintain conversation context). Under privacy regulations including the GDPR ePrivacy Directive, browser localStorage is treated similarly to cookies. Visitors can clear this data at any time by clearing their browser's local storage or site data for the relevant domain.

8.2 Third-Party Cookies

We do not use third-party tracking cookies. However, AI providers may set cookies per their own policies.

8.3 Opt-Out

You can clear browser localStorage or disable JavaScript in browser settings to prevent local storage, but this will prevent the chatbot from functioning.

9. Children's Privacy

The Plugin is not intended for users under 13 years old. We do not knowingly collect data from children under 13. If we discover we have collected such data, we will delete it immediately.

10. Changes to This Privacy Policy

10.1 How We Notify You

We may update this Privacy Policy and will notify you by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending an email notification (for material changes)
  • Displaying a notice in the Plugin admin panel

10.2 Your Acceptance

Continued use after changes means you accept the updated Privacy Policy.

11. External Links

Conversations may include links to external websites. We are not responsible for the privacy practices of those sites. Please review their privacy policies.

12. WordPress.org Disclosure

This Plugin is distributed via WordPress.org but is operated independently by Sans Terra. WordPress.org:

  • Does not have access to your conversation data
  • Does not control our privacy practices
  • Is not responsible for our data processing

For privacy questions, contact Sans Terra directly.

13. Data Processing Addendum (DPA)

If you require a formal Data Processing Agreement for GDPR compliance, please contact us at [your-email@sansterra.com].

14. Contact Information

Privacy Inquiries

Email: support@easyaichatbot.ai
Website: https://easyaichatbot.ai

Summary of Key Points

  • What data we collect: Account info, website content for training, conversation logs, usage data, subscription metadata (Pro)
  • How we use it: Provide chatbot service, send notifications, improve service, prevent abuse
  • Who we share with: AI providers (OpenAI, Anthropic) receive message + bot config with each request; Stripe handles payments (Pro); all requests route through our self-hosted workflow server — we NEVER sell data
  • Where conversations are stored: In the site owner's WordPress database, not on Sans Terra's servers
  • Your rights: Access, delete, export your data anytime
  • Security: Encrypted transmission, secure storage, regular security updates
  • Retention: Conversations stored in your database until you delete them; account data until deletion
  • Contact: support@easyaichatbot.ai for any privacy questions

By using the Easy AI Chat Bot Plugin, you acknowledge that you have read and understand this Privacy Policy.