Privacy Policy

Last updated: October 25, 2025

1. Introduction

At Bravos AI, we take the protection of your personal data very seriously. This Privacy Policy explains what information we collect, how we use it, and what your rights are under the General Data Protection Regulation (GDPR) and the Spanish Organic Law on Data Protection (LOPD).

2. Data Controller

  • Identity: Bravos AI
  • Email: contacto@bravos-ai.com
  • Registered address: 7 Great Lane, Bierton, Aylesbury, HP22 5DE, United Kingdom

3. What Data Do We Collect?

3.1 Data You Provide Directly

  • Account information: Name, email, password (encrypted)
  • Optional contact data: Information you choose to share voluntarily (phone number, company, etc.)
  • Billing information: Processed by Stripe (we do not store card details)
  • Chatbot content: Texts, documents, images, and files you upload to train your bots
  • Support messages: Communications you have with our team

3.2 Automatically Collected Data

  • Usage data: Pages visited, features used, time of use
  • Technical data: IP address, browser, operating system
  • Cookies: For essential functionality and analytics

3.3 End User Data (Widget)

When visitors to your website interact with your chatbots:

  • • Conversation messages
  • • Shared media files (paid plans only, automatically deleted after 24 hours)
  • • Anonymous session identifier (fingerprint)

Important: You are the data controller for this data. Bravos AI acts as the data processor. As the chatbot owner, you have access to your users' conversations for customer service, monitoring, and service improvement purposes. It is your responsibility to inform your website users about the use of the chatbot in your privacy policy.

4. Legal Basis for Processing

We process your personal data based on:

  • Contract performance: To provide you with the service you have subscribed to
  • Consent: For marketing communications (you may withdraw it at any time)
  • Legitimate interest: To improve our services and prevent fraud
  • Legal obligation: To comply with tax and legal requirements

5. How Do We Use Your Data?

  • • Provide and maintain the Bravos AI service
  • • Process payments and manage subscriptions
  • • Send important notifications about your account
  • • Provide technical support
  • • Improve and optimize our services
  • • Comply with legal obligations
  • • Prevent fraud and abuse
  • • Send marketing communications (only with your consent)

6. Who Do We Share Your Data With?

We do not sell your personal data. We only share information with trusted third parties necessary to operate the service:

Service Providers:

  • Stripe: Payment processing (USA - Privacy Shield certified)
  • AWS: Storage and hosting (EU Region)
  • OpenAI: AI processing (USA - GDPR compliant)

All our providers comply with the GDPR and have data protection agreements in place.

7. International Transfers

Some of our providers are located outside the European Union. In such cases:

  • • We use EU Standard Contractual Clauses
  • • We verify compliance with standards equivalent to the GDPR
  • • We implement appropriate technical and organizational measures

8. How Long Do We Retain Your Data?

  • Account data: While your account is active + 30 days after cancellation
  • Billing data: 10 years (legal tax requirement)
  • Chatbot content: Until you delete it or cancel your account
  • Widget conversations: 90 days from creation (automatically deleted)
  • Technical logs: 90 days

9. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Restrict the processing of your data
  • Portability: Receive your data in a structured format
  • Objection: Object to the processing of your data
  • Withdraw consent: At any time, without affecting prior processing

To exercise these rights, contact: contacto@bravos-ai.com

You also have the right to file a complaint with the Spanish Data Protection Agency (AEPD).

10. Data Security

We implement technical and organizational measures to protect your data:

  • • Data encryption in transit (HTTPS/TLS)
  • • Password encryption (bcrypt)
  • • Restricted access to personal data
  • • Regular and secure backups
  • • Security monitoring
  • • Two-factor authentication available

No system is 100% secure. Although we implement best practices, we cannot guarantee absolute security.

11. Cookies and Similar Technologies

We use cookies for:

  • Essential cookies: Authentication and basic functionality (no consent required)
  • Analytics cookies: Understanding how you use the service (with your consent)

You can configure your browser to block cookies, although this may affect the functionality of the service.

12. Minors

Bravos AI is not intended for individuals under the age of 16. We do not knowingly collect data from minors. If you are a parent or guardian and believe your child has provided us with data, please contact us to have it removed.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice in the service. The "Last updated" date will be updated accordingly.

14. Contact

For any inquiries regarding this Privacy Policy or the processing of your data:

  • Email: contacto@bravos-ai.com
  • Registered address: 7 Great Lane, Bierton, Aylesbury, HP22 5DE, United Kingdom