Privacy Policy
Last updated: May 3, 2026
This Privacy Policy explains how Contexo ("Contexo", "we", "us") collects, uses, stores, and shares information when you use our website, dashboard, APIs, and the embeddable chat widgets you publish on your own websites (collectively, the "Service"). By using the Service you agree to this Policy. If you do not agree, do not use the Service.
1. Who we are and your role
Contexo provides a multi-tenant, retrieval-augmented chatbot platform. Two distinct relationships exist:
- Customer (account holder). When you sign up for an account and operate chatbots through Contexo, we are the "controller" of your account and billing data and a "processor" of the content you upload and the end-user conversations your widgets handle.
- Visitor (end user of a customer's widget). If you are interacting with a Contexo widget on a third-party website, the operator of that website is the controller of your conversation. Contexo processes that conversation on their behalf. Direct privacy questions to that operator first.
2. Information we collect
2.1 Account information
- Email address and password (or OAuth identifier from Google).
- Authentication metadata generated by our auth provider (Supabase), including session tokens.
- Account preferences: bot names, brand colors, system prompts, and allowed widget domains.
2.2 Billing information
- Plan selection, current plan status, billing period, scheduled plan changes, add-on credit balance.
- A Lemon Squeezy customer identifier and subscription identifier.
- A mirror of your order history (date, amount, currency, order number, refund status, receipt URL).
We do not store your card or bank details. Payment instruments are collected and stored by Lemon Squeezy. See Subprocessors below.
2.3 Customer content
- Documents you upload (PDF, text, etc.) and URLs you ingest. The content is split into chunks and converted into vector embeddings using Google's Gemini API.
- Document metadata: filename, size, status, source URL, last refresh time.
2.4 Conversation data
- The text of every message exchanged between visitors and your chatbots, plus the chatbot's context-retrieval metadata.
- A SHA-256 hash of the visitor's IP address (we do not store the raw IP address).
- A session identifier stored in the visitor's browser sessionStorage as chatforge_session_id; it is signed cryptographically to prevent tampering.
- Aggregated analytics counters (per-month message totals, busiest hours, top queries) used to render the dashboard analytics.
2.5 Operational logs
- API request logs, error reports, and audit traces required to operate, debug, and secure the Service.
3. How we use information
- To provide, maintain, and improve the Service.
- To answer end-user queries via retrieval-augmented generation.
- To enforce per-account limits (widgets, monthly messages, storage).
- To process payments, renewals, refunds, and add-on purchases.
- To prevent abuse, fraud, and security incidents.
- To send transactional email about your account, billing, and material changes to the Service.
- To comply with legal obligations.
We do not sell your personal data, your customers' conversation data, or your uploaded documents. We do not use your data to train our own foundation models, and the model providers we rely on do not use it to train theirs (see Security).
4. Subprocessors
We rely on the third-party providers listed on our Subprocessors page. They process data only on our behalf and only as necessary to deliver the Service. The current list includes Supabase (database, auth, storage), Google Gemini (LLM and embeddings), and Lemon Squeezy (payments and tax).
5. Cookies and similar technologies
See our Cookie Policy for what we (and the embedded widget) store in browsers.
6. Data retention
- Account data and content: retained while your account is active and for up to 30 days after deletion to allow recovery and meet legal obligations, after which it is purged from live systems. Backups age out per our backup schedule.
- Free-tier widgets: widgets on the Free plan are automatically deleted after 14 consecutive days of inactivity. Cascade deletion removes all associated documents, embeddings, chat sessions, and messages. This is irreversible.
- Conversations: stored as long as the parent widget exists. Deleting a widget cascade-deletes its conversation history.
- Billing records: we retain payment-history rows for the period required by applicable tax and accounting law, even after account deletion.
- Logs: operational logs are retained for up to 90 days unless required longer for security investigation.
7. Your rights
Depending on your location (EU/EEA/UK under GDPR, California under CCPA/CPRA, India under DPDP Act, and other jurisdictions), you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion ("right to be forgotten").
- Object to or restrict processing.
- Receive a portable copy of your data.
- Withdraw consent where processing is consent-based.
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, email privacy@contexo.ai. We will respond within the timeframe required by applicable law (typically 30 days). For California residents, we do not sell or share personal information for cross-context behavioral advertising.
8. International transfers
Your data may be processed in countries other than the one in which you live. Where we transfer personal data out of the EU/EEA/UK or other regulated regions, we rely on Standard Contractual Clauses or an equivalent legal mechanism with our subprocessors.
9. Children
The Service is not directed to children under 16 (or under 13 in the United States). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact privacy@contexo.ai and we will delete it.
10. Customer obligations
If you are a customer deploying our widget on your own website, you are responsible for obtaining any consents required by applicable law (including cookie/storage consent, GDPR consent for processing of visitor messages, and disclosure that the widget is powered by Contexo and Google Gemini). We provide the technical infrastructure; meaningful end-user consent is your duty as the controller of those interactions. A Data Processing Addendum is available on request.
11. Security
See our Security page for technical and organizational measures. No system is absolutely secure; if a breach affects your data we will notify you and, where required, the relevant authorities, in accordance with applicable law.
12. Changes to this Policy
We may update this Policy from time to time. The "Last updated" date above reflects the latest revision. Material changes will be communicated by email or in-product notice before they take effect.
13. Contact
Privacy enquiries: privacy@contexo.ai
Data Protection Officer (where applicable): dpo@contexo.ai
Postal contact: Contexo AI Inc., Bengaluru, Karnataka, India.
