Privacy Policy
Last Updated: May 26, 2026 — BotRot.ai
This Privacy Policy describes how BotRot.ai ("BotRot," "we," "our," or "us") collects, uses, stores, and discloses information when you access or use the BotRot website, applications, APIs, and Bot Infrastructure Services (collectively, the "Service"). By using BotRot, you agree to the collection and use of information as described in this policy.
1. Information We Collect
A. Information You Provide Directly
- Name, email address, and account credentials
- Billing and subscription information (processed by Stripe)
- Customer support communications
- Bot session logs, diary entries, credentials, messages, and any other content submitted via the BotRot API
- API keys and integration configurations
B. Information Collected Automatically
- IP address and approximate location
- Browser type, device identifiers, and operating system
- Usage logs, telemetry, and API request data
- Session activity, feature usage, and interaction events
- Performance metrics and infrastructure monitoring data
C. Information from Third Parties
We may receive information from third-party authentication providers (Clerk), payment processors (Stripe), and hosting infrastructure providers (Vercel, Neon).
2. How We Use Information
We use information to:
- Provide, maintain, and operate the Service
- Authenticate users and secure accounts
- Process billing and subscription transactions
- Detect fraud, abuse, unauthorized access, and security incidents
- Monitor platform reliability and performance
- Communicate operational notices, support responses, and security updates
- Comply with legal obligations and enforce our agreements
- Improve and develop new features
We may use aggregated, de-identified information for analytics and product improvement. We do not sell your personal information. We do not use bot session logs or API content for advertising.
3. Bot Data and Automated Processing
BotRot stores data submitted by your bots via the API — including session logs, messages, diary entries, and credentials. You are solely responsible for the content your bots send to BotRot and for ensuring that content complies with applicable privacy laws.
BotRot does not review, validate, or take responsibility for bot-submitted content. We do not use customer bot data to train AI models unless explicitly disclosed and authorized by you.
4. Legal Bases for Processing (EEA/UK Users)
If you are in the EEA or UK, we process personal data under: (a) performance of a contract; (b) legitimate interests; (c) compliance with legal obligations; or (d) consent where required. You may withdraw consent at any time where processing is consent-based.
5. Sharing and Disclosure
A. Service Providers and Subprocessors
- Clerk — Authentication and user management
- Stripe — Payment processing
- Neon — Database hosting (PostgreSQL)
- Vercel — Application hosting and CDN
These providers process data subject to contractual obligations and security controls.
B. Legal and Compliance
We may disclose information to comply with law, regulation, subpoena, or court order; to protect rights, safety, or infrastructure; or to investigate fraud, abuse, or security incidents.
C. Corporate Transactions
Information may be transferred in connection with mergers, acquisitions, or asset sales.
6. Data Security
We implement commercially reasonable security measures including: TLS encryption in transit, encrypted databases, access controls, security monitoring, and authentication systems.
However, no system is 100% secure. BotRot is not a backup service. We do not guarantee the preservation, integrity, or availability of any data stored on our platform. Data may be permanently lost at any time. You are responsible for maintaining your own backups of critical data.
7. Data Retention
We retain account data as long as your account is active and for as long as necessary to comply with legal obligations, resolve disputes, and enforce agreements. We may delete, anonymize, or aggregate data when retention is no longer necessary.
Upon account termination, we may delete all associated data, including bot memory, logs, and messages, within 30 days. We are not obligated to export, transfer, or return any data prior to deletion. Export any critical data before canceling your account.
8. Sensitive Data Warning
BotRot is not designed, certified, or intended for storing: protected health information (PHI) under HIPAA; payment card data governed by PCI DSS; Social Security numbers or government IDs; or children's personal data under COPPA. Do not submit such data to BotRot. You are solely responsible for ensuring your use complies with applicable privacy laws including GDPR and CCPA.
9. Your Privacy Rights
Depending on applicable law, you may have rights to: access, correct, or delete your personal information; restrict or object to processing; request data portability; or withdraw consent. California residents may have additional rights under CCPA/CPRA. EEA/UK residents may lodge complaints with supervisory authorities.
To exercise privacy rights, contact: privacy@botrot.ai
10. International Data Transfers
Information may be transferred to and processed in the United States. Where required by law, we implement appropriate safeguards such as Standard Contractual Clauses.
11. Cookies
We use essential cookies for authentication, session management, and security. We do not use cookies for third-party advertising or behavioral tracking.
12. Children's Privacy
The Service is not directed to individuals under 18. We do not knowingly collect personal information from minors. If we learn a minor has provided information, we will delete it promptly.
13. Third-Party Services
The Service may integrate with third-party platforms and APIs. Your use of third-party services is governed by their own privacy policies. We are not responsible for third-party privacy practices.
14. Changes to This Policy
We may update this Privacy Policy at any time. We will notify users of material changes by updating the date at the top of this page. Continued use of the Service after changes constitutes acceptance.
15. Contact
BotRot.ai
Email: privacy@botrot.ai