Privacy Policy

1. Introduction

Welcome to WizChat AI ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service that transforms documentation and content into AI-powered chatbots.

By using our service, you consent to the data practices described in this Privacy Policy.

2. Information We Collect

Personal Information

• Email address and account credentials
• Name and profile information
• Payment and billing information
• Communication preferences

Content Data

• Documents you upload (PDFs, Word files, text files, etc.)
• YouTube videos and transcripts you connect
• Website content you provide for scraping
• Custom training data and chatbot configurations

Usage Information

• Chatbot interactions and conversations
• Analytics data and performance metrics
• Log files and technical data
• Device information and IP addresses

3. How We Use Your Information

• Process and analyze your content to create AI embeddings
• Generate responses for your chatbots using AI models
• Provide customer support and technical assistance
• Improve our service performance and features
• Send service-related notifications and updates
• Process payments and manage subscriptions
• Comply with legal obligations and prevent fraud

4. Data Processing and AI Services

Your content is processed using third-party AI services including:

• OpenAI: For text embeddings and chat completions
• Google Cloud: For document processing and YouTube integration
• Pinecone: For vector storage and similarity search
• Firebase: For authentication and data storage

These services may process your data according to their respective privacy policies. We use encryption and secure transmission methods to protect your data.

Authentication & Data Storage

Authentication Provider

We use Firebase Authentication (operated by Google LLC) to manage user accounts and secure access to our service.

Data Stored by Firebase Auth

• Email address
• Password (hashed using industry-standard encryption, never stored in plain text)
• Login timestamps and session data
• Account creation date
• User ID (randomly generated unique identifier)

Data Location

Important: Firebase Authentication currently stores authentication credentials only in the United States. This includes your email address and hashed password. Your authentication data will be transferred to and processed in the US.

Your Content Data: All other data (chatbot content, uploaded documents, conversations, and analytics) will be stored in the region you select when creating your chatbot (EU or US). If you select EU, all your content stays in the European Union.

Legal Safeguards for EU Users

We rely on Standard Contractual Clauses (SCCs) approved by the European Commission and Google's certification under the EU-US Data Privacy Framework to protect your data when transferred to the US.

Additional Protections:

• All data encrypted in transit using TLS 1.3
• All data encrypted at rest using AES-256
• Access strictly controlled and logged
• Regular third-party security audits (SOC 2, ISO 27001)

Data Processing Agreement

Firebase acts as a data processor under GDPR. You can review their data processing terms:

• Firebase Data Processing Terms
• Google Cloud Standard Contractual Clauses

Future Plans

When Firebase introduces EU-based authentication (expected late 2025), we will migrate EU users to EU storage to provide data residency in the European Union.

Your Rights

You can delete your account at any time from your account Settings page. Upon deletion, all authentication data is permanently removed from Firebase Authentication.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information in these circumstances:

• With your explicit consent
• To comply with legal requirements or court orders
• To protect our rights, property, or safety
• With service providers who assist in our operations (under strict confidentiality)
• In connection with a business transfer or acquisition

6. Data Security

We implement industry-standard security measures:

• Encryption in transit and at rest
• Secure authentication and access controls
• Regular security audits and monitoring
• Compliance with data protection regulations

7. Your Rights and Choices

You have the right to:

• Access, update, or delete your personal information
• Export your data in a portable format
• Opt-out of marketing communications
• Delete your chatbots and associated content
• Request restriction of processing

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can delete your data at any time through your account settings. We may retain certain information for legal compliance or legitimate business purposes.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

10. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.