Privacy Policy

Alab & Alon Innovations Inc. ("AlonChat", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI agent platform and services (the "Service").

By using AlonChat, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, and profile details when you create an account
• AI Agent Data: Configurations, training data, system prompts, and knowledge base content you provide to train your AI agents
• Communication Data: Information from your interactions with our support team
• Payment Information: Billing details processed securely through our payment processor

1.2 Automatically Collected Information

• Usage Data: Information about how you interact with our Service, including features used, pages visited, and time spent
• Device Information: IP address, browser type, operating system, and device identifiers
• Cookies and Tracking: We use cookies and similar technologies to track activity and improve user experience

1.3 Third-Party Service Data

When you connect third-party services to AlonChat, we may collect:

• Facebook Messenger: Conversation history, contact information, and metadata from your Facebook page
• Google Services: See "Google Services Integration" section below for detailed information

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our AI agent platform and features
• AI Training: To train and optimize your custom AI agents based on the data you provide
• Communication: To send important service updates, security alerts, and notifications
• Customer Support: To respond to your questions, requests, and provide technical assistance
• Analytics: To understand how users interact with our Service and improve user experience
• Security: To detect, prevent, and address technical issues, fraud, and security vulnerabilities
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Third-Party Integrations: To enable features like Gmail automation, calendar scheduling, and file access as authorized by you

4. How We Share Your Information

4.1 AI Service Providers

We share data with AI providers (OpenAI, Anthropic, Google, and others) to process your requests and generate AI responses. These providers process data according to their own privacy policies and data processing agreements.

4.2 Service Providers

We may share information with third-party service providers who perform services on our behalf, including:

• Cloud infrastructure providers (Supabase, Vercel, Railway)
• Payment processors
• Analytics providers
• Customer support tools

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

We never sell your personal data to third parties for marketing purposes.

5. Data Storage and Retention

5.1 Storage Location

Your data is stored on secure cloud infrastructure provided by Supabase (PostgreSQL database) with servers located in the United States and other regions depending on your account settings.

5.2 Retention Period

• Active Accounts: We retain your data as long as your account is active
• Inactive Data: Unused data is automatically deleted after 90 days of inactivity
• OAuth Tokens: Google OAuth tokens are retained encrypted until you disconnect the integration
• Backups: Database backups are retained for 30 days for recovery purposes
• Legal Requirements: Some data may be retained longer if required by law

5.3 Data Deletion

You can request deletion of your data at any time by contacting us at privacy@alonchat.com. We will delete your data within 30 days unless retention is required by law.

6. Security

We implement industry-standard security measures to protect your data:

• Encryption: Data is encrypted in transit (TLS/SSL) and at rest
• Access Controls: Strict authentication and role-based access controls
• Monitoring: Continuous monitoring for security threats and vulnerabilities
• Audits: Regular security audits and penetration testing
• Compliance: Adherence to industry best practices and security standards

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights

7.1 General Rights

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request transfer of your data in a machine-readable format
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances

7.2 GDPR Rights (EU/EEA Residents)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed about data collection and processing
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making and profiling

7.3 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal data)
• Right to non-discrimination for exercising your CCPA rights
• Right to correct inaccurate personal information
• Right to limit use and disclosure of sensitive personal information

To exercise any of these rights, please contact us at privacy@alonchat.com.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience:

8.1 Essential Cookies

Required for the website to function properly, including authentication, session management, and security features.

8.2 Analytics Cookies

Help us understand how visitors interact with our website using tools like Google Analytics and Facebook Pixel.

8.3 Managing Cookies

You can control cookies through your browser settings. However, disabling cookies may affect website functionality.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal data, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy and applicable laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: