Legal

Privacy Policy

This notice explains how DuChat handles data for workspace users, super admins, support contacts, and visitors who interact with embedded chat widgets.

Last updated

May 7, 2026.

This page is written for product transparency and describes how the service accesses, uses, stores, and shares personal information.

Data we collect

  • Account details such as name, email, password hash, email verification status, session version, and authentication events.
  • Workspace details such as workspace name, slug, owner, members, roles, settings, subscription status, and team seat usage.
  • Chatbot configuration such as assistant name, goal, website setup answers, behavior, fallback message, suggested questions, lead capture settings, widget theme, domain allowlist, publish status, and runtime flow.
  • Training data such as website URLs, sitemap pages, PDF, DOCX, TXT, CSV, images, audio, video, manual Q&A, plain text, file metadata, extracted chunks, embeddings, processing status, errors, and source counts.
  • Widget conversation data such as visitor messages, assistant replies, source references, answer classification, response timing, flow state, handoff status, and timestamps.
  • Lead and contact data such as name, email, phone, company, message, source URL, visitor identifier, and related conversation.
  • Visitor context used for analytics, such as page URL, referrer, domain, coarse location signals, device type, browser, operating system, language, timezone, screen, viewport, visitor ID, and session ID.
  • Billing records needed to connect a workspace with Stripe checkout, subscriptions, invoices, customer portal sessions, credit balances, and credit purchases.
  • Support and notification data such as support chat messages, ticket category, subject, description, status, unread counts, admin broadcasts, in-app notifications, and browser push subscription data when enabled.

Google user data

DuChat uses Google OAuth only when a workspace user chooses Google Sign In, connects a Google Docs source, or connects Google Calendar for appointment booking. We request only the Google scopes needed for features selected by the user.

The Google OAuth permissions currently used by DuChat are openid, email, profile, https://www.googleapis.com/auth/documents.readonly, https://www.googleapis.com/auth/drive.metadata.readonly, https://www.googleapis.com/auth/calendar.freebusy, and https://www.googleapis.com/auth/calendar.events.

Data accessed

  • Google Sign In: Google account ID, email address, email verification status, display name, and profile picture from the openid, email, and profile scopes.
  • Google Docs training sources: connected Google account email and name, OAuth access and refresh tokens, the Google Document ID or URL entered by the user, document title, document body text, and Drive file metadata needed to identify the selected document.
  • Google Calendar appointments: connected Google account email and name, OAuth access and refresh tokens, selected calendar ID, free and busy time blocks, and booking event data needed to create appointments, including event time, summary, attendee name, attendee email, optional phone, optional notes, Google event ID, and event link when returned.

Data usage

  • Use Google account profile data to authenticate users, create or link accounts, enforce verified email access, and display the connected account in the dashboard.
  • Use selected Google Docs content as chatbot training knowledge for the specific workspace and chatbot that owns the source. The app may split that content into chunks, create embeddings, and retrieve matching chunks to answer visitor questions from that chatbot.
  • Use Google Calendar free and busy data to show available appointment times, and use Google Calendar event access to create appointments only after a visitor submits a booking through an enabled chatbot flow.
  • Store encrypted OAuth tokens so connected Google Docs and Google Calendar features continue working until the user disconnects the integration or revokes access in their Google Account.

Storage, sharing, and limits

  • Google user data is stored only as needed to provide the connected feature, such as account login, imported chatbot knowledge, integration connection status, appointment availability, and appointment booking records.
  • Google Docs content imported as training knowledge is scoped to the owning workspace and chatbot. It is not exposed to other workspaces or unrelated chatbots.
  • When a visitor books an appointment, the appointment details entered by the visitor are sent to Google Calendar to create the calendar event.
  • We do not sell Google user data, use it for advertising, transfer it to advertising platforms or data brokers, use it for credit decisions, or use Google Workspace API data to train generalized AI or ML models.

DuChat's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Users can disconnect Google account access in account settings, remove connected Google knowledge or calendar integrations in the dashboard, or revoke access from their Google Account permissions. Imported training data, generated chunks, embeddings, conversation references, and booking records are retained according to the product workflow, workspace deletion controls, and the retention terms described below.

How we use data

  • Provide authentication, workspace access, dashboard pages, chatbot configuration, and admin tools.
  • Process training sources, generate chunks and embeddings, and retrieve approved business knowledge for the specific workspace and chatbot that owns it.
  • Serve the embedded widget, validate publish status and allowed domains, maintain visitor sessions, rate limit abuse, and enforce AI credits.
  • Generate chatbot responses using relevant trained sources and bounded recent conversation context.
  • Show conversations, source references, contacts, leads, analytics, usage, billing state, support tickets, and notifications to authorized users.
  • Send verification, password reset, billing, service, support, and notification emails or push notifications when configured.
  • Protect the service, debug failures, prevent fraud or abuse, and comply with legal obligations.

AI, training, and visitor conversations

DuChat is designed to answer from trained business knowledge first. Retrieval is scoped by workspace and chatbot. When knowledge is missing or weak, the chatbot can use the configured fallback instead of inventing an unsupported answer.

Visitor conversation history may be used as bounded recent context so the chatbot can understand follow-up questions. Internal prompts, service credentials, and private server configuration are not intentionally exposed through the public widget.

Service subprocessors

DuChat may rely on infrastructure and service vendors for database hosting, object storage, answer processing, payments, email delivery, hosting, push notifications, security, logging, and analytics. Exact vendors depend on the deployment configuration.

Payment card details are handled by Stripe. DuChat stores the identifiers needed to connect customers, subscriptions, invoices, and checkout or portal sessions to the correct workspace.

Your responsibilities when embedding the widget

  • Disclose chatbot conversation collection and lead capture to your website visitors.
  • Do not upload training data that you are not allowed to process or expose through chatbot answers.
  • Keep domain allowlists accurate before publishing a chatbot.
  • Review answers, fallbacks, source references, suggested questions, lead forms, and handoff flows before relying on the chatbot in production.
  • Avoid collecting sensitive information through the widget unless you have the required legal basis, notices, and safeguards.

Security and retention

The app uses HTTP-only signed cookies, email verification, session version invalidation, role-aware workspace access, tenant-scoped database queries, domain allowlists, server-side validation, rate limits, prompt leakage blocking, and isolated widget styles. Production deployments should also configure HTTPS, backups, monitoring, access controls, least-privilege service credentials, and secret rotation.

Data is retained while needed to provide the service, enforce plan limits, maintain billing records, resolve disputes, protect the platform, or meet legal obligations. Deleting training sources or workspaces should remove related stored training objects and generated chunks according to the product workflow and subprocessor retention limits.

Choices and rights

Depending on location and role, users or visitors may have rights to access, correct, export, delete, object to, or restrict processing of personal information. Workspace owners are responsible for responding to visitor requests connected to chatbots they embed on their own websites.

Account users can manage profile and workspace settings in the dashboard. Other privacy requests should be sent through the support or account contact channel provided by the DuChat operator.

Children, changes, and contact

DuChat is intended for business use and is not directed to children. Do not knowingly collect data from children through public chatbots unless you have the required rights, notices, and controls in place.

This notice may be updated as the product, subprocessors, deployment model, or legal requirements change. The date above shows the latest version.