← Back to BotRot

Privacy Policy

Last Updated: May 26, 2026 — BotRot.ai

This Privacy Policy describes how BotRot.ai ("BotRot," "we," "our," or "us") collects, uses, stores, and discloses information when you access or use the BotRot website, applications, APIs, and Bot Infrastructure Services (collectively, the "Service"). By using BotRot, you agree to the collection and use of information as described in this policy.

1. Information We Collect

A. Information You Provide Directly

B. Information Collected Automatically

C. Information from Third Parties

We may receive information from third-party authentication providers (Clerk), payment processors (Stripe), and hosting infrastructure providers (Vercel, Neon).

2. How We Use Information

We use information to:

We may use aggregated, de-identified information for analytics and product improvement. We do not sell your personal information. We do not use bot session logs or API content for advertising.

3. Bot Data and Automated Processing

BotRot stores data submitted by your bots via the API — including session logs, messages, diary entries, and credentials. You are solely responsible for the content your bots send to BotRot and for ensuring that content complies with applicable privacy laws.

BotRot does not review, validate, or take responsibility for bot-submitted content. We do not use customer bot data to train AI models unless explicitly disclosed and authorized by you.

4. Legal Bases for Processing (EEA/UK Users)

If you are in the EEA or UK, we process personal data under: (a) performance of a contract; (b) legitimate interests; (c) compliance with legal obligations; or (d) consent where required. You may withdraw consent at any time where processing is consent-based.

5. Sharing and Disclosure

A. Service Providers and Subprocessors

These providers process data subject to contractual obligations and security controls.

B. Legal and Compliance

We may disclose information to comply with law, regulation, subpoena, or court order; to protect rights, safety, or infrastructure; or to investigate fraud, abuse, or security incidents.

C. Corporate Transactions

Information may be transferred in connection with mergers, acquisitions, or asset sales.

6. Data Security

We implement commercially reasonable security measures including: TLS encryption in transit, encrypted databases, access controls, security monitoring, and authentication systems.

However, no system is 100% secure. BotRot is not a backup service. We do not guarantee the preservation, integrity, or availability of any data stored on our platform. Data may be permanently lost at any time. You are responsible for maintaining your own backups of critical data.

7. Data Retention

We retain account data as long as your account is active and for as long as necessary to comply with legal obligations, resolve disputes, and enforce agreements. We may delete, anonymize, or aggregate data when retention is no longer necessary.

Upon account termination, we may delete all associated data, including bot memory, logs, and messages, within 30 days. We are not obligated to export, transfer, or return any data prior to deletion. Export any critical data before canceling your account.

8. Sensitive Data Warning

BotRot is not designed, certified, or intended for storing: protected health information (PHI) under HIPAA; payment card data governed by PCI DSS; Social Security numbers or government IDs; or children's personal data under COPPA. Do not submit such data to BotRot. You are solely responsible for ensuring your use complies with applicable privacy laws including GDPR and CCPA.

9. Your Privacy Rights

Depending on applicable law, you may have rights to: access, correct, or delete your personal information; restrict or object to processing; request data portability; or withdraw consent. California residents may have additional rights under CCPA/CPRA. EEA/UK residents may lodge complaints with supervisory authorities.

To exercise privacy rights, contact: privacy@botrot.ai

10. International Data Transfers

Information may be transferred to and processed in the United States. Where required by law, we implement appropriate safeguards such as Standard Contractual Clauses.

11. Cookies

We use essential cookies for authentication, session management, and security. We do not use cookies for third-party advertising or behavioral tracking.

12. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from minors. If we learn a minor has provided information, we will delete it promptly.

13. Third-Party Services

The Service may integrate with third-party platforms and APIs. Your use of third-party services is governed by their own privacy policies. We are not responsible for third-party privacy practices.

14. Changes to This Policy

We may update this Privacy Policy at any time. We will notify users of material changes by updating the date at the top of this page. Continued use of the Service after changes constitutes acceptance.

15. Contact

BotRot.ai
Email: privacy@botrot.ai