// security & privacy

Your data is yours
to take with you.

What we collect, where it lives, what we don't do, and how to get it back. The privacy story most live-chat tools bury in a 12-paragraph legal page is on this single screen.

What we collect

Only what's needed to run a chat conversation: visitor messages, agent replies, file uploads the visitor sends, the page URL the visitor is on, name/email if they enter one. We do not run third-party tracking pixels on your widget visitors.

Where it lives

All conversation data is stored in Supabase Postgres with Row Level Security enforced — each site's rows are isolated, and visitor messages can only be read by agents of that site. File attachments live in Supabase Storage with per-conversation access controls.

Webhook signing (HMAC SHA-256)

Every webhook event ships with an X-Agentbot-Signature header: an HMAC SHA-256 over the raw request body, signed with your secret. Three lines on your end to verify, which means no one can forge events into your CRM/Zap/n8n flow even if they discover the endpoint URL.

Export and deletion

Every conversation, ticket, and uploaded document is yours. Export from the dashboard whenever you want. Delete your account from settings — your data is gone within 30 days, including backups. The widget is one script tag: removing it from your site fully detaches the integration.

What we don't do

We do not sell or share your data with anyone. We do not load third-party tracker pixels (no Google Analytics, no Meta Pixel, no Hotjar) on visitor-facing surfaces. We do not train models on your data — your knowledge base is retrieved per-conversation, not fine-tuned into a shared model.

Subprocessors

We rely on Supabase (database + storage + auth + realtime) and OpenRouter (LLM gateway) to operate the product. That's it. No data brokers, no advertising networks, no analytics platforms that resell visitor profiles.

Reporting a vulnerability

Found something? Email security disclosures to the address on our /contact page. We aim to respond within 48 hours and to credit reporters when the fix ships, unless you'd rather stay anonymous.

More detail?

The privacy policy spells out the formal terms. The webhooks docs cover signature verification in code.

Talk to us