Privacy Policy for BYOKChat

Last Updated: March 9, 2026

Thank you for using BYOKChat ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our website at https://byokchat.com (the "Website") and the chatbot hosting service we provide.

By using the Website, you agree to this Privacy Policy.

1. Information We Collect

1.1 Account Information
When you sign in, we collect your name and email address via Google OAuth. We do not store your Google password.

1.2 Payment Information
We collect payment details through our payment processor (Dodo Payments) to complete your purchase. We do not store your payment card details on our servers.

1.3 AI Provider API Keys
BYOKChat allows you to bring your own API keys from providers such as OpenAI, Anthropic, and Google. These keys are encrypted using AES-256 encryption before being stored in our database. They are never stored or transmitted in plain text, and are never sent to your browser.

1.4 Chatbot and Conversation Data
When visitors interact with chatbots you create on BYOKChat, we store the conversation messages and any email addresses voluntarily submitted by visitors (leads). This data is associated with your account and accessible to you in your dashboard.

1.5 Non-Personal Data
We use cookies and similar technologies to collect non-personal information such as browser type and usage patterns to improve the service.

2. How We Use Your Information

- To provide and operate the BYOKChat service
- To process your one-time purchase
- To send transactional emails (purchase confirmation, important account updates)
- To allow your chatbots to respond to visitor messages using your API keys

3. Data Sharing

We do not sell, trade, or rent your personal information. We share data only with:
- Dodo Payments, to process your payment
- AI providers (OpenAI, Anthropic, Google), solely to fulfil chat requests using your own API key
- Resend, to deliver transactional emails

4. Data Security

Your AI provider API keys are encrypted with AES-256-GCM before storage and are only decrypted server-side at the moment a chat message is processed. They are never exposed in any API response or sent to the browser.

5. Data Retention

You may delete your chatbots, conversations, and account at any time from the Settings page. Deletion is permanent and immediate.

6. Children's Privacy

BYOKChat is not intended for children under the age of 13. We do not knowingly collect information from children.

7. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email.

8. Contact

If you have any questions about this Privacy Policy, please contact us at:
Email: manoosurya@gmail.com