Privacy Policy

This Privacy Policy explains how Bridgeupp LTD ("Bridgeupp", "we", "us") collects, uses, and shares information when you visit our websites or use Bridgeupp Chatbot (the "Service").

1) Who we are

For our marketing website(s) and direct customer relationships, Bridgeupp LTD is the data controller. For chats and end-user data processed through customer websites, we generally act as a data processor and our customer is the data controller.

2) Information we collect

A. Website visitors (bridgeupp.ai and related pages)

Technical data: device/browser info, IP address, logs, approximate location derived from IP.
Cookie/pixel data: identifiers and events for analytics/marketing (subject to consent where required).
Contact data: name, email, phone, company, and your message when you submit forms.

B. Customers (account admins)

Account data: name, email, phone, company, domains, billing address and related metadata.
Payments: processed via Tranzila tokenization. We do not store full payment card details.

C. End users on customer websites

Chat content: messages sent to the chatbot and responses.
Lead data: fields configured by the customer (e.g., name/email/phone/message).
Technical/session data: may include IP address, user agent, cookies/session identifiers needed to deliver the Service.

3) How we use information

Provide and operate the Service (processing chats, generating responses, delivering analytics, support).
Security and abuse prevention (fraud detection, monitoring, incident response).
Communicate (transactional emails, support, product notices).
Marketing (subject to consent where required and opt-out choices).
Legal/compliance (billing, accounting, tax, and lawful requests).

4) Legal bases (EEA/UK users)

Where GDPR applies, we rely on: contract performance (providing the Service), legitimate interests (security, service improvement), consent (certain cookies/pixels), and legal obligations.

5) Website crawling and content ingestion

The Service can ingest content such as public web pages (e.g., via sitemaps) and documents that customers provide. We crawl public pages only. We do not crawl password-protected pages.

Re-crawling is typically daily, or adjusted based on customer request. We store text and raw documents used to build the knowledge base. We do not store raw HTML snapshots.

6) AI and model providers

We use our own hosted infrastructure for storage and processing of customer data and use OpenAI to generate human-like responses. Use of third-party AI providers is the default unless explicitly changed under an Enterprise agreement.

We do not use customer data to train our models globally.

7) Human access

We do not routinely review customer chats. Human review may occur when requested by the customer (e.g., troubleshooting, QA), or when needed for security or abuse investigations.

8) Cookies and similar technologies

We use necessary cookies for core site functions and security. With consent (where required), we also use analytics and marketing technologies, including Google Analytics and Meta Pixel.

9) Sharing and subprocessors

We share information with vendors that help us operate the Service (hosting, CDN, payments, email, analytics).

10) Hosting locations and international transfers

We may process data in regions including the US (Oregon, Northern Virginia), EU/UK (London), and Australia (Sydney), and may use other regions as needed. Enterprise customers may request specific region assignments subject to availability and agreement.

Where required by applicable law, we use appropriate safeguards for international transfers and apply security measures in transit and at rest.

11) Security

Encryption in transit (TLS).
Encryption at rest for stored data.
Restricted access to authorized personnel and vendors as needed to operate the Service.

12) Retention

Retention for chat transcripts, leads, and account data can be configured and may vary by customer needs and plan. Backups are retained for roughly 30 days. Billing/tax records may be retained as required for accounting, compliance, and future billing or tax purposes.

13) Your choices and rights

Marketing emails: unsubscribe by emailing support@bridgeupp.com or using instructions provided in our emails.
Cookies: use Cookie Settings to control optional cookies/pixels.
Data rights: depending on your location, you may have rights to access, correct, delete, or restrict processing. Contact legal@bridgeupp.com.

For end users chatting on a customer's site, the customer (as controller) may be the best point of contact for requests related to that chatbot.

14) Changes

We may update this policy from time to time. We will post the updated version with a new "Last updated" date.

15) Contact

Support: support@bridgeupp.com
Privacy/legal: legal@bridgeupp.com
Billing: billing@bridgeupp.com