Privacy Policy

1. Data Controller

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Full name (first name, last name)
• Email address
• Password (stored as a bcrypt hash — we never store plaintext passwords)
• Role and organisation/tenant information

2.2 Business Information

When you create a business on AgentEQ, we collect:

• Business name and industry
• Business description and website URL
• Brand voice and personality preferences
• Service/product listings, locations, FAQs, and policies you provide during onboarding
• Selected communication channels and configuration

2.3 Payment Information

We use Stripe as our payment processor. We do NOT store credit card numbers, CVV codes, or full card details on our servers. Stripe handles all payment card data in compliance with PCI DSS Level 1. We store only:

• Stripe Customer ID
• Stripe Subscription ID
• Billing cycle and amount
• Payment event records for invoicing

2.4 Usage and Analytics Data

• AI token usage (input/output tokens per model, cost)
• Conversation metadata (channel, status, timestamps)
• Platform interaction data (page visits, session heartbeats)
• IP addresses (for audit logging and security)
• Browser user-agent strings

2.5 AI-Processed Data

When end-users interact with your AI agent, conversation messages are processed by third-party AI providers (OpenAI, Anthropic, Google, or Azure — depending on your configuration). We apply PII filtering before AI processing. If you use BYOK (Bring Your Own Key) mode, data is sent to your own provider account under your own API terms.

2.6 Knowledge Base Data

Documents, URLs, and text you upload to train your AI agent are chunked, embedded, and stored in our vector database (Qdrant) for retrieval purposes.

3. How We Use Your Data

We process your personal data for the following purposes:

• To provide and maintain the AgentEQ platform and services
• To process payments and manage your subscription
• To authenticate your identity and manage your account sessions
• To deliver AI-powered conversation automation on your selected channels
• To generate analytics, usage reports, and ROI calculations for your business
• To send transactional emails (account verification, password resets, payment confirmations)
• To detect, prevent, and address security issues, fraud, and abuse
• To comply with legal obligations under applicable law
• To improve and develop our platform based on aggregated, anonymised usage patterns

4. Legal Basis for Processing (UK GDPR)

We process your data under the following legal bases:

• Contract performance (Article 6(1)(b)): processing necessary to provide the services you have subscribed to
• Legitimate interests (Article 6(1)(f)): security monitoring, fraud prevention, platform improvement, analytics
• Legal obligation (Article 6(1)(c)): tax, accounting, and regulatory compliance
• Consent (Article 6(1)(a)): where you have explicitly opted in (e.g., marketing communications)

5. Data Sharing

We share data with the following categories of third parties:

• Stripe — payment processing (PCI DSS Level 1 compliant)
• AI Providers — OpenAI, Anthropic, Google, Azure (only for AI inference; subject to your BYOK or managed configuration)
• Google Workspace / Microsoft 365 — only when you connect these integrations via OAuth
• Email delivery — Google Workspace SMTP (transactional emails only)
• Qdrant — vector database for knowledge retrieval (self-hosted or managed)

We do NOT sell, rent, or trade your personal data to any third party for marketing purposes. We do NOT use your data to train our own AI models.

6. Data Retention

• Account data: retained for the duration of your account, plus 30 days after deletion request
• Conversation data: configurable retention period per business (30 to 3,650 days) based on your privacy settings
• Payment records: retained for 7 years as required by UK tax regulations (HMRC)
• Audit logs: retained for 2 years for security and compliance purposes
• Knowledge base data: deleted within 30 days of business deletion or document removal

7. Data Security

We implement appropriate technical and organisational measures to protect your data:

• AES-256-GCM encryption for sensitive data at rest (API keys, secrets)
• TLS 1.2+ encryption for all data in transit
• Bearer token session authentication (64-character cryptographically random tokens)
• Password hashing with bcrypt (cost factor 12)
• Webhook signature verification (HMAC-SHA256 with timing-safe comparison)
• Role-based access control (RBAC) with principle of least privilege
• Regular security audits and vulnerability assessments

8. International Transfers

Your data may be processed in jurisdictions outside the United Kingdom. Where transfers occur, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including Standard Contractual Clauses (SCCs) where applicable.

9. Your Rights

Under UK GDPR, you have the right to:

• Access your personal data (Subject Access Request)
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten"), subject to legal retention requirements
• Restrict processing in certain circumstances
• Data portability — receive your data in a structured, machine-readable format
• Object to processing based on legitimate interests
• Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

10. Automated Decision-Making

Our AI agents process conversations automatically. These automated processes may classify intent, route conversations, and execute actions (such as booking appointments or sending emails). You may request human review of any automated decision by contacting the business you are interacting with, or by contacting us directly.

11. Children's Privacy

AgentEQ is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us at [email protected] and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new "Last updated" date. Continued use of the platform after changes constitutes acceptance of the revised policy.

Google API Data Usage

Which Google APIs We Access and Why

When a business owner explicitly connects their Google Workspace account within AgentEQ (Settings → Integrations → Connect Google Workspace), the platform requests the following OAuth 2.0 scopes to enable the AI chatbot to perform actions in the owner's Google Workspace on their behalf:

• calendar — Creates calendar events with automatic Google Meet conference links for appointment bookings, and checks free/busy availability before scheduling. AgentEQ does not read, modify, or delete existing calendar events.
• spreadsheets (Google Sheets) — Creates new spreadsheets and appends rows for structured data logging (bookings, leads, feedback, and other records captured during chat conversations). AgentEQ does not read or modify pre-existing spreadsheets.
• drive.file — Creates an organised folder hierarchy per business (e.g. "AgentEQ — Business Name" with subfolders for Bookings, Documents, Contacts, etc.) and organises app-created files into those folders. This scope only grants access to files and folders that AgentEQ itself creates — it cannot access any pre-existing Drive content.
• gmail.send — Sends transactional emails on behalf of the business owner, such as booking confirmations, escalation alerts, and notification emails. AgentEQ exclusively uses the messages.send endpoint. It does not read, search, modify, or delete any Gmail messages, labels, or inbox content.
• contacts — Creates new Google Contacts from customer information captured during chat conversations (name, email, phone, company). AgentEQ does not read or modify existing contacts.
• documents (Google Docs) — Creates new Google Docs with structured content (intake forms, service quotes, job applications, maintenance requests). AgentEQ does not read or modify existing documents.
• forms.body (Google Forms) — Creates new Google Forms for customer feedback surveys, intake forms, and rating questionnaires. AgentEQ does not read or modify existing forms.
• tasks (Google Tasks) — Creates tasks in a dedicated "AgentEQ" task list for follow-ups, reminders, and ticket tracking. AgentEQ does not read or modify existing tasks or task lists.
• userinfo.email — Reads the email address of the connected Google account to uniquely identify the integration in AgentEQ's database. Accessed once at connection time.
• userinfo.profile — Reads the display name and profile picture of the connected Google account to show in the AgentEQ integrations UI. Accessed once at connection time.

How Google Workspace Data Is Used

AgentEQ is a write-first platform. The AI chatbot creates new content in the business owner's Google Workspace on their behalf — it does not read, export, or scrape existing user data. Specifically:

• All Google API operations are write-only (creating new events, documents, contacts, spreadsheets, forms, tasks, and emails) with one exception: the Calendar FreeBusy API is used to check availability before booking an appointment.
• No pre-existing user data is accessed, read, exported, or scraped from Gmail, Drive, Sheets, Contacts, Docs, Forms, or Tasks.
• The drive.file scope ensures AgentEQ can only access files and folders it created — no access to any other Drive content.
• No Google API data is used to train, fine-tune, or improve AgentEQ's own AI models or any third-party AI models.
• No Google API data is used for advertising, profiling, or any purpose unrelated to executing the chatbot actions the business owner has explicitly configured.

Data Encryption and Security

AgentEQ applies multiple layers of protection to all Google API interactions:

• Encryption at rest — All Google OAuth tokens (access tokens and refresh tokens) are encrypted with AES-256-GCM before storage.
• Encryption in transit — All API calls to Google services and all data transfers use TLS 1.2 or higher.
• Tenant isolation — Each business owner's connected account is isolated by a unique tenant identifier. No credentials or data from one account can be accessed by another account.
• OAuth token handling — Google OAuth tokens are never logged, exposed in API responses, stored in client-side storage, or transmitted to third parties. Tokens are automatically refreshed server-side before expiry.
• CSRF protection — The OAuth state parameter is signed with HMAC-SHA256 to prevent cross-site request forgery during the authorisation flow.

No Sharing, Sale, or Transfer of Google User Data

Data Retention and Deletion

• Google OAuth tokens are retained only while the integration remains connected. Disconnecting the integration immediately deletes all stored tokens.
• Content created in the user's Google Workspace (events, documents, contacts, etc.) belongs to the user and remains in their Google account regardless of AgentEQ account status.
• When a user deletes their AgentEQ account, all stored OAuth tokens and integration metadata are permanently purged within 30 days.

Revoking Google Access

Users can revoke AgentEQ's access to their Google account at any time through either:

• Google Account Security page — Visit myaccount.google.com/permissions and remove AgentEQ from the list of connected apps.
• AgentEQ Settings page — Navigate to Settings → Integrations → Google and click "Disconnect".

Revoking access immediately stops all chatbot actions that use Google Workspace. Content previously created in the user's Google account is not affected. For any concerns regarding Google data usage, contact [email protected].

13. Contact & Complaints