Privacy Policy
Last updated: 2025-05-01
This Privacy Policy explains how Quassum MB (“Quassum,” “we,” “our”) collects, uses,
and protects information when you use One Dollar Chatbot.
For service terms, please read our Terms and Conditions.
Overview
We respect your privacy. This policy describes what data we collect, why we collect it, and the choices you have. It applies to all visitors, customers, and end-users of onedollarchatbot.com.
Information We Collect
| Category | Details (examples) |
|---|---|
| Account Data | Name, email address, password hash. |
| Payment & Billing | Managed by Stripe via Polar.sh checkout (PCI-DSS compliant); Quassum never stores raw card data. |
| Usage Data | Prompts, responses, logs, IP address, device/browser metadata, timestamps. |
| Support Comms | Emails, tickets, chat transcripts. |
How We Use Your Information
- Provide and maintain the service
- Troubleshoot, secure, and improve performance
- R&D and model fine-tuning on de-identified data
- Send product updates or marketing emails (opt-out link in every message)
- Comply with legal obligations
Legal Bases for Processing (GDPR)
- Contract – deliver the service you request
- Legitimate interest – improve, secure, and market our service
- Legal obligation – keep records for tax or regulatory purposes
- Consent – marketing emails and cookies
Data Sharing & Processors
| Processor | Purpose | Region | Link |
|---|---|---|---|
| Polar.sh | Subscription & checkout management | EU | polar.sh |
| Stripe | Payment processing | US/EU | stripe.com |
| Vercel | Server hosting | EU/US | vercel.com |
| Neon.tech | Postgres database hosting | EU | neon.tech |
| Cloudflare | DNS, CDN, WAF, file hosting & optimization | Global | cloudflare.com |
We sign Data Processing Agreements and, where required, Standard Contractual Clauses with all processors.
Cookies & Tracking
We use first-party cookies (session, authentication, preferences) and third-party cookies
(analytics, CDN). Manage preferences at
onedollarchatbot.com/cookies.
Data Retention
We retain user data for 2 years after the last recorded usage or account deletion, unless law requires longer.
Security Measures
- TLS 1.3 in transit; AES-256 encryption at rest
- Role-based access and least-privilege principles
- Annual third-party penetration tests
- Documented incident-response plan
International Transfers
When data moves outside the EEA, we rely on Standard Contractual Clauses (SCCs) and additional safeguards (encryption, access controls, monitoring).
Your Rights
- GDPR – access, rectify, erase, restrict, portability, object, and avoid automated decision-making
- CCPA – know, delete, opt-out of sale/sharing, freedom from discrimination
To exercise any right, email info@onedollarchatbot.com.
Children’s Privacy
The service is not directed to anyone under 13 years old. If we learn that a child has provided personal data, we will delete it promptly. Parents may contact us to request removal.
Changes to This Policy
We may revise this policy periodically. Material changes will be emailed before they take effect. The “Last updated” date above shows the current version.
Contact
For privacy questions or to reach our Data Protection Officer, email
info@onedollarchatbot.com.
Supported languages: English (canonical). Machine-translated copies are provided for convenience only and are non-binding.