1. Introduction

At Bravos AI, we take the protection of your personal data very seriously. This Privacy Policy explains what information we collect, how we use it, and what your rights are under the General Data Protection Regulation (GDPR) and applicable data protection legislation.

2. Data Controller

Identity: Bravos AI
Email: contacto@bravos-ai.com
Registered address: Suite 7 Midshires House, Smeaton Close, Aylesbury, England HP19 8HL

3. What Data We Collect

3.1 Data You Provide Directly

• Account information: Name, email, password (encrypted with bcrypt)
• Optional contact data: Information you choose to share voluntarily (phone number, company, etc.)
• Billing information: Processed by Stripe (we do not store card details)
• Chatbot content: Texts, documents, images, and files you upload to train your bots
• Support messages: Communications you have with our team

3.2 Automatically Collected Data

• Usage data: Pages visited, features used, time of use
• Technical data: IP address, browser, operating system
• Cookies: For essential functionality and analytics

3.3 End User Data (Widget)

When visitors to your website interact with your chatbots:

• Conversation messages
• Shared media files (paid plans only, automatically deleted after 24 hours)
• Anonymous session identifier (fingerprint)

Important: You (the Customer) are the data controller for this data. Bravos AI acts as the data processor. As the chatbot owner, you have access to your users' conversations for customer service, monitoring, and service improvement purposes. It is your responsibility to inform your website users about the use of the chatbot in your privacy policy.

4. Legal Basis for Processing

We process your personal data based on:

• Contract performance: To provide you with the service you have subscribed to
• Consent: For marketing communications (you may withdraw it at any time)
• Legitimate interest: To improve our services and prevent fraud
• Legal obligation: To comply with tax and legal requirements

5. How We Use Your Data

• Provide and maintain the Bravos AI service
• Process payments and manage subscriptions
• Send important notifications about your account
• Provide technical support
• Improve and optimize our services
• Comply with legal obligations
• Prevent fraud and abuse
• Send marketing communications (only with your consent)

Commitment: We do not use End User conversations or Customer training data to train or improve general-purpose AI models. Data is processed solely to provide the contracted service. Our AI providers are subject to equivalent contractual restrictions.

6. Who We Share Your Data With

We do not sell your personal data. We only share information with trusted third parties necessary to operate the service:

Sub-processors:

Provider	Purpose	Location	Safeguards
OpenAI, LLC	AI processing (chatbot response generation)	USA	DPA + SCCs
Hetzner Online GmbH	Server and database hosting	Germany (EU)	DPA
Stripe, Inc.	Payment processing	USA	EU-US DPF + DPA
Resend, Inc.	Transactional email delivery	USA	DPA + SCCs

All our providers are subject to data protection agreements and commit to processing personal data in accordance with applicable regulations. Personal data submitted through the chatbot may be processed by our AI providers solely for the purpose of generating responses, never for general-purpose model training.

7. International Transfers

Some of our providers are located outside the European Economic Area. In such cases:

• We use EU Standard Contractual Clauses (SCCs) approved by the European Commission
• We verify participation in the EU-US Data Privacy Framework where applicable
• We implement appropriate technical and organizational measures

8. How Long We Retain Your Data

• Account data: While your account is active + 30 days after cancellation
• Billing data: 10 years (legal tax requirement)
• Chatbot content: Until you delete it or cancel your account
• Widget conversations: 90 days from creation (automatically deleted)
• Widget media files: 24 hours (automatically deleted)
• Technical logs: 90 days

9. Your Rights (GDPR)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Restrict the processing of your data
• Portability: Receive your data in a structured format
• Objection: Object to the processing of your data
• Withdraw consent: At any time, without affecting prior processing

To exercise these rights, contact: contacto@bravos-ai.com

You also have the right to file a complaint with the relevant data protection authority, such as the Information Commissioner's Office (ICO) in the United Kingdom.

10. Data Security

We implement technical and organizational measures to protect your data:

• Data encryption in transit (HTTPS/TLS)
• Password encryption (bcrypt)
• Restricted access to personal data
• Regular and secure backups
• Security monitoring

No system is 100% secure. Although we implement industry best practices, we cannot guarantee absolute security.

11. Cookies and Similar Technologies

We use cookies for:

• Essential cookies: Authentication and basic functionality (no consent required)
• Analytics cookies: Understanding how you use the service (with your consent)

You can configure your browser to block cookies, although this may affect the functionality of the service.

12. Minors

Bravos AI is not intended for individuals under the age of 16. We do not knowingly collect data from minors. If you are a parent or guardian and believe your child has provided us with data, please contact us to have it removed.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice in the service. The "Last updated" date will be updated accordingly.

14. Contact

For any inquiries regarding this Privacy Policy or the processing of your data:

Email: contacto@bravos-ai.com
Registered address: Suite 7 Midshires House, Smeaton Close, Aylesbury, England HP19 8HL