Privacy Policy
Last updated: March 28, 2026
Botline (“we”, “our”, “us”) is committed to protecting your privacy. This policy explains how we collect, use, and protect your data when you use our platform.
🔒
TL;DR: We only collect what's necessary to run your AI agent. We never sell your data. We never train our AI on your conversations. Your business data stays yours.
1. Information We Collect
| Data Type | What | Why |
|---|---|---|
| Account Info | Name, email, business name, password hash | Account creation & authentication |
| WhatsApp Data | Phone number, connection status | Connect your WhatsApp agent |
| Knowledge Base | Documents you upload (PDFs, FAQs, URLs) | Train your AI agent |
| Conversations | Messages between your customers and AI | Deliver AI replies, analytics, lead scoring |
| Usage Data | Message counts, response times, features used | Billing, analytics dashboard, service improvement |
| Payment Info | Processed by Stripe — we never see your card | Subscription billing |
2. How We Use Your Data
- Deliver AI-powered WhatsApp replies to your customers
- Search your knowledge base to find relevant answers (RAG)
- Score leads and track analytics on your dashboard
- Process billing and enforce fair usage limits
- Send you service notifications (never marketing without consent)
- Improve our platform's reliability and performance
3. What We NEVER Do
🚫
We NEVER:
• Sell your data to third parties
• Train AI models on your conversations or knowledge base
• Share your customer data with other Botline tenants
• Access your WhatsApp messages unless you grant support access
• Store payment card details (Stripe handles all payments)
• Sell your data to third parties
• Train AI models on your conversations or knowledge base
• Share your customer data with other Botline tenants
• Access your WhatsApp messages unless you grant support access
• Store payment card details (Stripe handles all payments)
4. AI Model Data Processing
When your AI agent replies to a customer, the conversation is sent to your chosen AI provider (Anthropic, OpenAI, DeepSeek, etc.) for processing. Each provider has their own data policies:
- Botline-managed keys: We use API keys with “no training” agreements. Your data is not used to train models.
- BYOK (your own key): Data is processed under your own agreement with the AI provider. Botline is only the intermediary.
5. Data Storage & Security
- All data encrypted at rest (AES-256) and in transit (TLS 1.3)
- Database hosted on AWS (Singapore region) with automated backups
- Knowledge base embeddings stored in PostgreSQL with pgvector
- API keys and secrets encrypted with AES-256-GCM
- Self-hosted deployments: you control where data is stored
6. Data Retention
| Data | Retention |
|---|---|
| Conversations | Per your plan (7 days Free, 30 days Starter, 90 days Pro, unlimited Enterprise) |
| Knowledge base | Until you delete it |
| Account data | Until account deletion + 30 days grace period |
| Billing records | 7 years (legal requirement) |
7. Your Rights
You can at any time:
- Export all your data (conversations, knowledge base, analytics)
- Delete your account and all associated data
- Modify your personal information from the dashboard
- Opt out of non-essential communications
8. Cookies
We use only essential cookies for authentication and session management. No tracking cookies, no third-party analytics cookies, no advertising cookies.
Questions about privacy?
Email us at privacy@botline.cc
We respond within 48 hours.
We respond within 48 hours.