Privacy Policy

1. Introduction

andromix ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our chatbot creation platform and website (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

• Account Information: Name, email address, password, and profile information
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Communication Data: Messages you send to us, support requests, and feedback
• Usage Data: Information about how you use our Service, including features accessed and time spent

2.2 Automatically Collected Information

We automatically collect certain information when you use our Service:

• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Access times, pages viewed, clicks, and other interactions
• Cookies and Tracking: We use cookies and similar technologies to enhance your experience
• Analytics Data: Usage patterns, performance metrics, and user behavior

2.3 Content Data

We collect and store the content you create through our Service, including chatbot configurations, conversation data, and any files you upload. This data is essential for providing our Service to you.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To provide, maintain, and improve our Service
• Account Management: To create and manage your account, process payments, and provide customer support
• Communication: To send you important updates, security alerts, and marketing communications (with your consent)
• Analytics: To analyze usage patterns and improve our Service
• Security: To protect against fraud, abuse, and security threats
• Legal Compliance: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our Service, including:

• Payment processors (Paddle - our Merchant of Record)
• Cloud hosting providers (AWS, Google Cloud, Supabase)
• Analytics services (Google Analytics)
• AI service providers (OpenAI, Anthropic, Google Gemini, Groq, Mistral, Llama)
• Email service providers

4.1.1 Paddle Integration

Paddle serves as our Merchant of Record and handles all payment processing. When you make a purchase, Paddle collects and processes your payment information according to their privacy policy. We do not store your payment card details on our servers.

4.2 Legal Requirements

We may disclose your information if required by law or if we believe such action is necessary to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or abuse
• Protect the safety of our users

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Secure data centers and infrastructure
• Employee training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

6.1 General Rights

You have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Objection: Object to certain processing of your information

6.2 GDPR Rights (EU Residents)

If you are a resident of the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to be informed about data processing
• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

6.3 CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Service. You can control cookie settings through your browser preferences.

7.1 Types of Cookies We Use

• Essential Cookies: Necessary for the Service to function properly
• Analytics Cookies: Help us understand how you use our Service
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements

8. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy. Specifically:

• Account Data: Retained while your account is active and for a reasonable period after closure
• Usage Data: Retained for analytics and service improvement purposes
• Legal Requirements: Some data may be retained longer to comply with legal obligations

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions by relevant authorities
• Other appropriate safeguards as required by law

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

13. Supervisory Authority

If you are a resident of the European Union and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.