Privacy Policy

Last updated: 22 May 2026

Automate Supportprovides AI chatbots for small business websites. This policy explains what data we collect, why we collect it, who we share it with, and the choices you have. We've tried to write it in plain English — if something is unclear, email us at [email protected].

Who this policy covers

This policy applies to two groups: customers (small business owners who sign up for a Automate Support account) and end visitors (people who chat with a Automate Support-powered widget on a customer's website). Some sections apply to one group, some to both — we'll call it out where it matters.

What we collect from customers

  • Account details — email address and password (hashed, never stored in plain text) you provide at sign-up.
  • Business knowledge base — the website URL you provide, the pages we crawl from it, and any FAQs or documents you upload to train your chatbot.
  • Billing information — handled by Stripe. We store your subscription status and plan, but never your full card number.
  • Product usage — pages visited, features used, error logs. Used to improve the product and diagnose issues.

What we collect from end visitors

  • Chat messages— the questions visitors ask and the chatbot's responses. Stored against the customer's organisation and retained according to the customer's plan (3–60 days depending on the plan tier — see pricing).
  • Lead capture form data— only the fields a visitor explicitly submits (typically name, email, phone, and a message). Stored against the customer's organisation until they delete it.
  • Session metadata — a session ID, the page URL the chat started on, browser user-agent, and approximate IP-based region (country/region level, not precise location). Used for analytics, abuse prevention, and rate limiting.

Why we collect it

  • To provide and operate the chatbot service.
  • To bill customers and enforce plan limits.
  • To detect and prevent abuse, fraud, and spam.
  • To respond to support requests.
  • To improve the product — diagnose bugs, understand which features are useful, and prioritise what to build next.

Third-party services we use

We rely on a small number of trusted vendors. Each one only sees the subset of data needed to do its job.

  • Google Cloud Platform — hosts our servers, database & AI.
  • Stripe — processes subscription payments. Card details go directly to Stripe and never touch our servers.
  • Firecrawl — crawls customer websites to build the knowledge base. Only the URL the customer provides is shared.
  • Resend — sends transactional emails (verification, lead notifications, password reset).

Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct data that is inaccurate.
  • Delete your data (subject to legal retention requirements).
  • Export your data in a machine-readable format.
  • Object to or restrict certain types of processing.
  • Withdraw consent at any time.

To exercise any of these, email [email protected]. We'll respond within 30 days.

Contact

Privacy questions, data requests, or complaints: email [email protected]. Automate Support is based in Sydney, Australia.

Related

Terms of ServiceAbout Automate SupportPricing & plansStart free trial