Privacy Policy
Effective date: April 22, 2026 · Last updated: April 22, 2026
nibchat ("we", "our", or "us") operates the nibchat platform at www.nibchat.ai and portal.local.nibchat.ai. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using nibchat you agree to the practices described here.
1. Information We Collect
Account information
When you register as an operator, we collect your email address, company or product name, and a hashed password. This information is used to create and manage your account.
Usage data
We collect information about how you use the platform, including:
- Agent configurations you create (names, system prompts, connected tools)
- Conversation logs between end users and your agents
- API request logs, error events, and performance metrics
- Browser type, IP address, and page visit timestamps (via Google Analytics)
Google account data (OAuth)
If you or your end users connect a Google account through nibchat's Gmail connector (or future Google Calendar / Drive connectors), we store OAuth tokens issued by Google. These tokens are used exclusively to perform the actions you explicitly authorise — such as reading or sending emails. We store only the access token and refresh token necessary to maintain your authorised connection; we do not store the contents of your emails beyond what is included in a conversation message you send to the agent.
Payment information
Billing is processed by Stripe. We do not store credit card numbers or banking details on our servers. We receive and store your Stripe customer ID and subscription status so we can manage your plan.
2. How We Use Your Information
- Provide the service — run your agents, process conversations, and maintain platform uptime.
- Billing and account management — process payments, send invoices, and manage plan changes.
- Transactional communications — send email verification, billing receipts, and service notices.
- Product improvement — analyse aggregated usage patterns to improve features and reliability.
- Security — detect and prevent abuse, fraud, and unauthorised access.
We do not sell your personal data to third parties.
3. Third-Party Services
nibchat integrates with the following third-party services to operate:
- OpenAI — conversation messages are sent to OpenAI's API to generate AI responses. OpenAI's Privacy Policy applies to data processed by their models.
- Google APIs — when the Gmail (or other Google) connector is enabled, we communicate with Google's APIs on your behalf using your authorised OAuth tokens. Google's Privacy Policy applies.
- Stripe — payment processing. Stripe's Privacy Policy applies to payment data.
- Resend — transactional email delivery (account verification, billing receipts).
- Amazon Web Services (AWS) — cloud infrastructure (compute, database, file storage) hosted in the United States.
- Google Analytics — anonymous website traffic analysis. You can opt out via Google's opt-out tool.
4. Data Retention
We retain your account data for as long as your account is active. Conversation logs are retained to provide conversation history within the platform. If you delete your account, we will delete your personal data within 30 days, except where we are required by law or legitimate business interests (such as tax records) to retain it longer.
Google OAuth tokens are deleted immediately when you disconnect a Google account from the platform.
5. Data Security
We use industry-standard safeguards including encrypted connections (TLS), encrypted data at rest on AWS RDS and S3, and access controls. No method of transmission or storage is 100% secure; we cannot guarantee absolute security, but we take reasonable measures to protect your data.
6. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data ("right to be forgotten")
- Withdraw consent for optional data processing
- Lodge a complaint with your local data protection authority
To exercise any of these rights, email us at contact.nibchat@gmail.com. We will respond within 30 days.
7. Cookies
nibchat uses a session cookie (nc_session) to maintain your
login state. This cookie is HttpOnly, Secure, and expires after 30 days of inactivity.
We also use Google Analytics cookies for anonymous traffic analysis.
8. Children's Privacy
nibchat is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify registered operators by email. Continued use of nibchat after a change constitutes acceptance of the updated policy.
10. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
contact.nibchat@gmail.com