Privacy Policy - Easy AI Chat Bot by Sans Terra

Last Updated: [Current Date]

Introduction

Sans Terra ("we," "us," or "our") operates the Easy AI Chat Bot WordPress plugin ("the Plugin"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Plugin and related services.

Important: This Plugin relies on external AI services to function. By using the Plugin, your data will be transmitted to and processed by our servers and third-party AI providers.

1. Information We Collect

1.1 Account Information

When you create an account and obtain an API key:

  • Email address
  • Domain name(s) you register
  • API key identifier
  • Account creation date
  • Subscription tier (free/premium)

1.2 Website Content

When you configure the Plugin:

  • WordPress page content you select for training (up to 4 pages on free tier)
  • Bot personality and rules you configure
  • Bot name and greeting messages
  • Custom knowledge base text
  • Notification email addresses
  • Notification rule configurations

1.3 Conversation Data

When visitors interact with your chatbot:

  • User messages sent to the bot
  • Bot responses generated
  • Conversation session IDs
  • Message timestamps
  • Number of messages per conversation
  • Domain where conversation occurred

1.4 Usage Information

Automatically collected when you use the Plugin:

  • Monthly message count
  • API key validation attempts
  • Error logs and debugging information
  • Plugin version
  • WordPress version
  • PHP version

1.5 Technical Information

  • IP addresses (for security and abuse prevention)
  • Browser type and version
  • Device type
  • Geographic location (country/region level only)

1.6 Information We Do NOT Collect

  • Visitor names, emails, or contact information (unless they voluntarily provide it in chat)
  • Payment information (free tier requires no payment)
  • Passwords (except your account password, which is hashed)
  • Visitor browsing history outside of chat interactions

2. How We Use Your Information

2.1 Primary Service Functions

  • Process chat requests: Send visitor messages to AI models and return responses
  • Train your bot: Use selected page content to generate relevant responses
  • Send notifications: Email you when specific conversation triggers occur
  • Manage usage limits: Track your monthly message count (100/month on free tier)
  • Store conversations: Save chat history for your review in the admin dashboard

2.2 Service Improvement

  • Analyze usage patterns: Understand how the Plugin is used (aggregated, anonymized data)
  • Fix bugs: Identify and resolve technical issues
  • Improve AI responses: Refine bot training and response quality
  • Develop features: Plan new functionality based on usage trends

2.3 Security and Compliance

  • Prevent abuse: Detect suspicious activity and API key misuse
  • Rate limiting: Enforce usage limits fairly
  • Legal compliance: Meet legal obligations and respond to lawful requests

2.4 Communication

  • Service announcements: Notify you of updates, maintenance, or important changes
  • Support: Respond to your help requests
  • Marketing: Send information about premium features (you can opt out)

3. How We Share Your Information

3.1 Third-Party Service Providers

We share data with trusted third parties who help us operate:

AI Model Providers (e.g., OpenAI, Anthropic):

  • Data Shared: User messages, conversation context, bot training content
  • Purpose: Generate AI responses to visitor questions
  • Policies: Subject to their respective privacy policies
  • Data Retention: Per their data retention policies (typically 30 days or less)

Hosting Infrastructure:

  • Data Shared: All data necessary to operate the service
  • Purpose: Store and process data securely
  • Security: Encrypted storage and transmission

N8N Workflow Platform:

  • Data Shared: Conversation data, API requests
  • Purpose: Route and process chatbot requests
  • Location: Our self-hosted VPS or N8N cloud (as applicable)

3.2 We Do NOT Sell Your Data

We never sell, rent, or trade your information to third parties for marketing purposes.

3.3 Legal Requirements

We may disclose information if required to:

  • Comply with legal obligations (court orders, subpoenas)
  • Protect our rights and property
  • Prevent fraud or abuse
  • Protect user safety

3.4 Business Transfers

If Sans Terra is acquired or merged, your information may be transferred to the new entity (you'll be notified in advance).

4. Data Retention

4.1 How Long We Keep Data

Account Information: Until you delete your account, plus 30 days Conversation History: 90 days after the conversation date (configurable) Bot Training Content: Until you update or delete it Usage Logs: 90 days Backup Data: 30 days in encrypted backups

4.2 Deletion Requests

You can request deletion of your data at any time (see Section 7).

5. Data Security

5.1 Security Measures

We implement industry-standard security practices:

  • Encryption: HTTPS/TLS for data in transit, encryption at rest for sensitive data
  • Access Controls: Role-based access, principle of least privilege
  • Authentication: API key validation, secure password hashing
  • Monitoring: Automated abuse detection, security logging
  • Regular Updates: Timely security patches and updates

5.2 Your Responsibilities

  • Keep your API key confidential
  • Use strong passwords
  • Report security issues immediately
  • Review conversation logs regularly

5.3 No Absolute Security

No system is 100% secure. We cannot guarantee absolute security but will notify you promptly of any data breaches affecting your information.

6. International Data Transfers

6.1 Where Your Data Goes

Our servers are located in [Your Server Location]. If you're in the EU, EEA, UK, or other regions with data transfer restrictions, your data may be transferred to and processed in countries with different privacy laws.

6.2 Safeguards

We rely on:

  • Standard Contractual Clauses (where applicable)
  • Adequate security measures
  • Third-party provider certifications

7. Your Privacy Rights

7.1 Rights for All Users

  • Access: Request a copy of your data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Export: Download your data in a portable format
  • Opt-out: Unsubscribe from marketing emails

7.2 Additional Rights (GDPR - EU/EEA/UK)

If you're in the EU, EEA, or UK, you also have the right to:

  • Data Portability: Receive your data in machine-readable format
  • Object to Processing: Object to processing based on legitimate interests
  • Restrict Processing: Request limited processing in certain circumstances
  • Lodge a Complaint: File a complaint with your local data protection authority

7.3 Additional Rights (CCPA - California)

If you're a California resident, you have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed
  • Opt-out of sale (we don't sell data)
  • Non-discrimination for exercising your rights

7.4 How to Exercise Your Rights

Contact us at: [your-email@sansterra.com]

We'll respond within:

  • 30 days (general requests)
  • 1 month (GDPR requests)
  • 45 days (CCPA requests)

8. Cookies and Tracking

8.1 Cookies We Use

The Plugin uses minimal cookies/local storage:

  • Session ID: Maintain conversation continuity (session-based)
  • Chat History: Store recent conversation in browser (localStorage)
  • Widget State: Remember if chat widget is open/closed (localStorage)

8.2 Third-Party Cookies

We do not use third-party tracking cookies. However, AI providers may set cookies per their policies.

8.3 Opt-Out

You can clear browser localStorage or disable cookies in browser settings, but this may affect functionality.

9. Children's Privacy

The Plugin is not intended for users under 13 years old. We do not knowingly collect data from children under 13. If we discover we have collected such data, we will delete it immediately.

10. Changes to This Privacy Policy

10.1 How We Notify You

We may update this Privacy Policy and will notify you by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending an email notification (for material changes)
  • Displaying a notice in the Plugin admin panel

10.2 Your Acceptance

Continued use after changes means you accept the updated Privacy Policy.

11. External Links

Conversations may include links to external websites. We are not responsible for the privacy practices of those sites. Please review their privacy policies.

12. WordPress.org Disclosure

This Plugin is distributed via WordPress.org but is operated independently by Sans Terra. WordPress.org:

  • Does not have access to your conversation data
  • Does not control our privacy practices
  • Is not responsible for our data processing

For privacy questions, contact Sans Terra directly.

13. Data Processing Addendum (DPA)

If you require a formal Data Processing Agreement for GDPR compliance, please contact us at [your-email@sansterra.com].

14. Contact Information

Privacy Inquiries

Email: [your-email@sansterra.com]
Website: https://sansterra.com
Address: [Your Business Address]

Data Protection Officer (if applicable)

[DPO Name and Contact - if you have one]

EU Representative (if applicable)

[EU Rep Name and Contact - if you have EU customers and are required to appoint one]

Summary of Key Points

What data we collect: Account info, website content for training, conversation logs, usage data
How we use it: Provide chatbot service, send notifications, improve service, prevent abuse
Who we share with: AI providers (OpenAI, etc.), hosting services - we NEVER sell data
Your rights: Access, delete, export your data anytime
Security: Encrypted transmission, secure storage, regular security updates
Retention: Conversations stored 90 days, account data until deletion
Contact: [your-email@sansterra.com] for any privacy questions

By using the Easy AI Chat Bot Plugin, you acknowledge that you have read and understand this Privacy Policy.