PRIVACY POLICY

Chatbot App (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected and processed by Chatbot App.

This Privacy Policy explains how we collect, use, store, and disclose your personal data when you use our website, its associated subdomains, and our mobile and web application (collectively, the "Service"). By accessing or using our Service, you acknowledge that you have read and understood this Privacy Policy.

Where required under applicable law, we will obtain your explicit consent before collecting or processing your personal data.

QUICK LINKS

  • Definitions and Key Terms

  • Categories of Personal Data and Processing

  • Delete Account Policy

  • Rights of Data Subjects

DEFINITIONS AND KEY TERMS

  • Cookie: A small piece of data stored on your device by your web browser while browsing a website. Cookies are used for various purposes, including identifying your browser, performing analytics, remembering preferences (such as language or login details), and enhancing user experience.

  • Company (also referred to as "we," "us," or "our"): Refers to HubX.

  • Country: Refers to the jurisdiction in which Chatbot App based, in this case Turkey.

  • Customer: Refers to the individual or legal entity (such as a company or organization) that signs up or subscribes to use the Chatbot App’s Service for business or personal purposes.

  • Device: Any internet-connected device such as a smartphone, tablet, computer, or any other technology that can access the Service.

  • IP Address: A unique string of numbers assigned to each device connected to the Internet. It can sometimes be used to approximate the geographic location of a device.

  • Personnel: Individuals employed by or contracted to perform services on behalf of the Company.

  • Personal Data: Any information that relates to an identified or identifiable natural person (such as a name, IP address or email address)

  • Service: Refers to the functionality, products, applications, and services provided by Chatbot App, including but not limited to access via the website and mobile application.

  • Third-Party Service Providers: Refers to external entities such as analytics providers, marketing partners, advertisers, and other organizations that may assist in delivering, promoting, or improving our services, and with whom personal data may be shared in accordance with this Policy.

  • Website: Refers to the official Chatbot App website, accessible at chatbotapp.ai 

  • You: The individual (data subject) who accesses or uses the Service, whether personally or on behalf of an organization, and whose personal data is processed under this Privacy Policy.

CATEGORIES OF PERSONAL DATA AND PROCESSING

We process personal data under specific lawful bases, which may include performance of a contract, compliance with a legal obligation, your consent, or our legitimate interests. Below is a breakdown of the categories of personal data we collect and how they are processed:

Data Categories and Data Types

1. Personal and Contact Information

Data Types: Google or Apple account name (whichever you logged-in with), email address.

Purpose: To communicate with you, manage your account, provide customer support, and respond to inquiries.

Legal Basis: Performance of a contract.

2. Technical and Security Data

Data Types: IP address, device name, browser type and version, operating system, access times, pages viewed, referring URLs, configuration data.

Purpose: To ensure the security and operation of our services, fraud prevention, debugging, diagnostics, and system analytics.

Legal Basis: Legitimate interest, legal obligation (for logs)

3. Usage and Log Data

Data Types: App usage logs, session information, page interaction, crash reports, download errors.

Purpose: Service improvement, debugging, performance monitoring, internal analytics.

Legal Basis: Legitimate interest, legal obligation (for logs)

4. Transaction and Order Information

Data Types: Purchase history, subscription and order details, in-app transaction data.

Purpose: To process transactions and subscriptions, manage billing and payment history.

Legal Basis: Performance of a contract, legal obligation (billing)

5. Marketing and Analytics Data

Data Types: Cookies, analytics data, user preferences, interaction with marketing emails or ads.

Purpose: Personalized advertising, direct marketing, performance tracking of campaigns.

Legal Basis: Legitimate interest, Consent (for cookies other than strictly necessary ones)

We may collect your above mentioned data directly from you through electronic or physical mediums, your mobile device, third party platforms which you can access our application through these mediums such as Apple App Store and Google Play App Store, for the purposes of compliance with legal obligations, enhancing our services, administering your use of our services, as well as enabling you to enjoy and easily navigate our services.

How We Use Your Information

We use your information for a variety of service and business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described in every data category stated above. Below you may find more details regarding these processing purposes:

Provide Our Services

We use your information to fulfill our contract with you and provide you with our Services, such as:

  • (a) Providing responses to your text messages and search queries, and other similar Services;

  • (b) Managing your information and accounts;

  • (c) Providing access to certain areas, functionalities, and features of our Services;

  • (d) Answering requests for customer or technical support;

  • (e) Communicating with you about your account, activities on our Services, and policy changes; and

  • (f) Processing your financial information and other payment methods for products or Services purchased.

Administrative Purposes

We use your information for various administrative purposes, such as:

  • (a) Pursuing our legitimate interests such as network and information security, and fraud prevention;

  • (b) Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;

  • (c) Measuring interest and engagement in our Services;

  • (d) Short-term, transient use, such as contextual customization of ads;

  • (e) Improving, upgrading or enhancing our Services;

  • (f) Developing new features and Services;

  • (g) Ensuring internal quality control and safety;

  • (h) Authenticating and verifying individual identities;

  • (i) Debugging to identify and repair errors with our Services;

  • (j) Auditing relating to interactions, transactions and other compliance activities;

  • (k) Enforcing our agreements and policies; and

  • (l) Complying with our legal obligations.

Marketing and Advertising our Products and Services

We may use personal information to tailor and provide you with content and advertisements. We may provide you with these materials as permitted by applicable law. Some of the ways we may market to you include email campaigns, custom audiences advertising, and “interest-based” or “personalized advertising” upon your explicit consent.

How We Disclose Your Information

We disclose your information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, as described below.

Disclosures to Provide our Services

The categories of third parties with whom we may share your information are described below:

  • (a) Service Providers: We may share your personal information with our third-party service providers who use that information to help us provide our Services. This includes service providers that provide us with IT support, hosting, payment processing, customer service, and cloud services. This includes cloud providers (Google, CloudFlare), data analytics providers (Facebook, Google, Appsflyer, Firebase); payment processing providers (Paddle).

  • (b) Business and Communication Partners: We may share your personal information with business partners to provide you with a product or service you have requested. We may also share your personal information to business partners with whom we jointly offer products or services. This includes service providers (Intercom, Firebase).

  • (c) Advertising and Analytics Partners: We may share your personal information with third-party advertising partners. These third-party advertising partners may set Technologies and other tracking tools on our Services to collect information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising” or “personalized advertising.” This includes measurement partners (Firebase, Clarity, Cookie-Script).

  • (d) APIs/SDKs: We may use third-party application program interfaces (APIs) and software development kits (SDKs) as part of the functionality of our Services. You may contact our support team for further information.

  • (e) Law Enforcement and Public Authorities: We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

Retention of Personal Information

We may store the personal information we collect as described in this Privacy Notice for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

General Principles Regarding Personal Data Processing

In accordance with this Privacy Policy, personal data are processed by HubX as a data controller in line with the basic principles named here: (i) being in accordance with law and good faith, (ii) being accurate and, where necessary, up-to- date, (iii) being processed for specific, explicit and legitimate purposes, (iv) being limited for the purpose for which they are processed and data minimization; and (v) being stored for the period stipulated in the relevant legislation or required for the purpose for which they are processed.

Purposes of Processing Personal Data and Legal Reasons

Your personal data will be processed via automatic or non-automatic means for the purposes stated below, in accordance with the applicable legislation where it is expressly permitted by the laws, the establishment of a contract or direct relation to the execution or performance of the contract and for the legitimate interests of HubX provided that your fundamental rights and freedoms are protected.

Technical and Administrative Measures

HubX stores the personal data it processes in accordance with relevant legislation for periods stipulated in relevant legislation or required for the purpose of processing. HubX undertakes to take all necessary technical and administrative measures and to take the due care to ensure the confidentiality, integrity and security of personal data. In this context, it takes the necessary measures to prevent unlawful processing of personal data, unauthorized access to data, unlawful disclosure, modification or destruction of data. Accordingly, HubX takes the following technical and administrative measures regarding the personal data it processes:

Anti-virus application

On all computers and servers in HubX’s information technology infrastructure, a periodically updated anti-virus application is installed.

Firewall

The data center and disaster recovery centers hosting HubX servers are protected by periodically updated software-loaded firewalls; the relevant next generation firewalls control the internet connections of all staff and provide protection against viruses and similar threats during this control.

VPN

Suppliers can access HubX servers or systems through SSL-VPN defined on Firewalls. A separate SSL-VPN identification has been made for each supplier; with the identification made, the supplier only provides access to the systems that it should use or is authorized to use.

User identifications

HubX employees’ authorization to HubX systems is limited only to the extent necessary by job descriptions; in case of any change of authority or duty, systemic authorizations are also updated.

Information security and risk management

Events that occur on HubX servers and firewalls, are transferred to the Information Security and Risk Management system, which allows immediate response and control regarding the issue. 

Logging

All transaction records regarding sensitive data are securely logged.

Training

In order to increase the awareness of HubX employees against various information security violations and data breach to minimize the impact of the human factor in incidents, and trainings are provided to employees at regular intervals.

Physical data security

It ensures that personal data on papers is necessarily stored in lockers and accessed only by authorized persons. Adequate physical data security measures are taken based on the nature of the environment where sensitive data is stored.

Backup

HubX periodically backs up the data it stores. As a backup mechanism, it uses the backup facilities provided by the cloud infrastructure providers, as well as the backup solutions it develops when deemed necessary, provided that it is in compliance with relevant legislation and provisions of this Policy.

Non-disclosure agreement

Non-disclosure agreements are concluded with employees taking part in sensitive personal data processing.

Transferring Personal Data to Third Parties

We may transfer your personal data to third parties as outlined above. In doing so, we take appropriate security measures to ensure your data remains protected during and after the transfer. When sharing data with external service providers or processors, we enter into contractual agreements to ensure they process personal data in compliance with applicable data protection laws and our instructions.

Sale of Business

We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of Chatbot App or any of its Corporate Affiliates (as defined herein), or that portion of Chatbot App or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.

Links to Other Websites

This Privacy Policy applies only to the Services. The Services may contain links to other websites not operated or controlled by the App. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us. Please remember that when you use a link to go from the Services to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website’s own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.

Cookies

Chatbot App uses cookies to understand how you interact with our website and to improve its performance and functionality. Cookies are small data files stored on your device by your web browser.

We use different types of cookies, including; strictly necessary cookies, which are essential for the operation of our website (e.g., remembering your login session) and non-essential cookies, such as those used for enhanced functionality or performance (e.g., remembering preferences, enabling video playback). We only use non-essential cookies after obtaining your explicit consent through our cookie management tool. You can see and manage cookie types from this tool offered and withdraw your consent at any time even after you give consent.

Additionally, most browsers also allow you to control or disable cookies via their settings. Please visit your browser’s menu to proceed. Also, please note that disabling cookies may affect the functionality and performance of our website, and some features may no longer be available.

Payment Details

In respect to any credit card or other payment processing details, please note that we do not access, collect or store any credit card information. All payment transactions for purchases are securely processed by payment service providers. If you wish to manage or request the deletion of your payment information, please contact the respective platform (Paddle) directly.

Kids' Privacy

We do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that information from Our servers.

Disclaimer

Chatbot App uses OpenAI’s GPT3.5 API, but we are not associated with OpenAI. We only use their official API for our app. Chatbot App is not affiliated with any government or political entity. The information provided in Chatbot App is for informational purposes only and should not be considered official or authoritative. Please read our Terms of Use for AI use and AI models.

Changes To Our Privacy Policy

We may change our Service and policies, and we may need to make changes to this Privacy Policy so that they accurately reflect our Service and policies. Unless otherwise required by law, we will notify you (for example, through our Service) before we make changes to this Privacy Policy and give you an opportunity to review them before they go into effect. Then, if you continue to use the Service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you are invited to discontinue using our services and delete your account.

DELETE ACCOUNT POLICY
1. Introduction

This Delete Account Policy outlines the procedure and conditions under which users can delete their accounts on Chatbot App. We offer account deletion to respect your data privacy rights, including your right to erasure under the GDPR. By deleting an account, users agree to the terms and conditions set forth in this policy.

2. Procedure for Account Deletion

Users wishing to delete their accounts can follow these steps:

  1. Login to Account: Users must be logged into their account to initiate the deletion process.

  2. Navigate to Account Settings: Go to the 'Account Settings' section of the website.

  3. Select 'Delete Account': Click on the 'Delete Account' option.

  4. Generate Confirmation Code: The system will generate a unique confirmation number and users should enter these numbers into the input area.

  5. Click Confirm: Users must click the confirm button on the delete account popup.

3. Data Retention and Deletion

  • Immediate Effect: Upon successful confirmation, the account and all associated data will be permanently deleted and cannot be recovered.

  • Backup Retention: Some data may remain in backup storage for a limited period due to our regular backup processes but will be inaccessible and ultimately deleted according to our data retention policy.

  • Anonymized Data: Any data that can be anonymized and does not personally identify the user may be retained for analytical purposes.

4. Implications of Account Deletion

  • Access Loss: Users will lose access to their account and any services or content associated with it.

  • Subscription Termination: Any active subscriptions will be terminated without refunds.

  • Irreversible Action: The deletion process is irreversible. Once an account is deleted, it cannot be restored.

5. Exceptions and Special Cases
  • Compliance with Law: Account deletion requests will be honored except where we are required to retain certain information by law.

  • Pending Transactions: Account deletion may be delayed if there are unresolved transactions or legal obligations. Relevant data will be retained only as necessary to fulfill legal or contractual requirements.

6. Contact Information
For any questions or assistance with the account deletion process, users can contact our support team at [email protected] 
7. Changes to This Policy

We reserve the right to modify this policy at any time. Users will be notified of any significant changes through the website or via email.

Information about General Data Protection Regulation (GDPR)

We may be collecting and using information from you if you are from the European Economic Area (EEA), and in this section of our Privacy Policy we are going to explain exactly how and why is this data collected, and how we maintain this data under protection from being replicated or used in the wrong way.

What is GDPR?
GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have, over their personal data.

The GDPR is relevant to any globally operating company and not just the EU-based businesses and EU residents. Our customers’ data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.

What is personal data?

Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.

The Data Protection Principles include requirements such as:

  • Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.

  • Personal data should only be collected to fulfil a specific purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.

  • Personal data should be held no longer than necessary to fulfil its purpose.

  • People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and that their data be updated, deleted, restricted, or moved to another organization.

Why is GDPR important?

GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts it's simply the right thing to do. At Chatbot App we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.

Individual Data Subject's Rights

Under the General Data Protection Regulation (GDPR), you have several important rights regarding your personal data. These rights are designed to give you greater control over how your data is collected, processed, and used. To exercise these rights or ask any questions, please contact [email protected] and include the details regarding the right you would like to use:

  • Right of Access: You can request confirmation of whether we process your personal data and, if so, receive a copy of that data along with relevant information.

  • Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.

  • Right to Erasure: You may request deletion of your data under certain conditions.

  • Right to Restrict Processing: You can ask us to limit the processing of your personal data in specific circumstances

  • Right to Data Portability: You can request your personal data in a structured, commonly used, and machine-readable format, and ask us to transfer it to another controller.

  • Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes.

  • Right to Withdraw Consent: If processing is based on your consent, you can withdraw it at any time without affecting prior lawful processing.

  • Right to Lodge a Complaint: If you believe your data rights have been violated, you have the right to file a complaint.

California Residents

The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.

We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:

  • Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.

  • Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.

  • Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.

  • Request that a business that sells a consumer's personal data, not sell the consumer's personal data.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us. Please note that we do not sell the personal information of our users. For more information about these rights, please contact us.

For more information about these rights, please contact us.

Contact Us

Don't hesitate to contact us if you have any questions.

Updated at 2025-05-20