Privacy Policy

ChatSentinel AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using ChatSentinel AI, you agree to the collection and use of information in accordance with this policy.

2.1 Account Information:

• Email address (if you register with email)
• Google account information (if you use Google OAuth)
• Password (encrypted and hashed)
• Account creation and verification status

2.2 License and Payment Information:

• License keys generated for your account
• Credit balance and transaction history
• Cryptocurrency wallet addresses (for payment processing)
• Blockchain transaction hashes and amounts
• Payment status and confirmations

2.3 Usage Information:

• API request logs (timestamps, endpoints, response codes)
• Credit consumption records
• AI model selection and token usage
• Rate limit tracking (requests per minute/hour)
• IP addresses for security and rate limiting

2.4 Message Content (Temporary):

• Telegram messages you send to our service for AI processing
• AI-generated responses
• Note: Message content is processed in real-time and NOT permanently stored on our servers

2.5 Technical Information:

• Device information (operating system, application version)
• Browser type and version (for web dashboard)
• Error logs and crash reports

We use the collected information for:

• Service Provision: Processing AI requests, managing credits, authenticating users
• Payment Processing: Tracking cryptocurrency transactions and credit issuance
• Account Management: License key generation, balance tracking, transaction history
• Security: Detecting fraud, preventing abuse, enforcing rate limits
• Service Improvement: Analyzing usage patterns, fixing bugs, optimizing performance
• Communication: Sending account notifications, security alerts, service updates

4.1 Third-Party AI Providers:

Message content is sent to third-party AI providers (Google Gemini, OpenAI, Anthropic, etc.) for processing. These providers have their own privacy policies and data handling practices.

4.2 Blockchain Networks:

Cryptocurrency transactions are public on their respective blockchains (BNB Smart Chain, Solana). Transaction details and wallet addresses are visible to anyone.

4.3 Service Providers:

We use Supabase for authentication and database services. Supabase has access to account data as part of infrastructure hosting.

4.4 Legal Requirements:

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

We do NOT sell your personal information to third parties for marketing purposes.

• Message Content: Not permanently stored; processed in real-time only
• Account Data: Retained while your account is active and for a reasonable period after deletion
• Transaction Records: Retained for accounting and fraud prevention (minimum 7 years)
• API Logs: Retained for 90 days for debugging and security purposes
• Analytics Data: Aggregated and anonymized, retained indefinitely

We implement security measures including:

• Encryption of data in transit (TLS/SSL)
• Encrypted storage of sensitive data
• Password hashing with bcrypt
• HTTP-only secure cookies for authentication
• Rate limiting and IP-based access controls
• Regular security audits and updates

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

You have the right to:

• Access: View your account data and transaction history in the dashboard
• Correction: Update your email or other account information
• Deletion: Request account deletion (contact support)
• Data Portability: Export your transaction history
• Opt-Out: Unsubscribe from promotional emails (if applicable)

To exercise these rights, please contact us through our support channels. We will respond within 30 days.

8.1 Authentication Cookies: We use HTTP-only secure cookies to maintain your login session on the web dashboard.

8.2 Analytics: We may use analytics tools to understand service usage. This data is aggregated and anonymized.

8.3 Third-Party Cookies: AI providers and authentication services may set their own cookies. Refer to their privacy policies.

The Service is not intended for users under the age of 18. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. By using the Service, you consent to such transfers.

Our Service integrates with:

• Telegram: Subject to Telegram's Privacy Policy
• Google (OAuth): Subject to Google's Privacy Policy
• AI Providers: Google Gemini, OpenAI, Anthropic, etc. - each with their own privacy policies
• Supabase: Authentication and database infrastructure

We encourage you to review the privacy policies of these third-party services.

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

Your continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please contact us through the support channels listed on our website.