Privacy Policy

When you create an account with MCP Chats, we collect:

• Account Information: Name, email address, phone number, company name, job title, and business details
• Billing Information: Payment card details, billing address, and transaction history (processed securely through third-party payment processors)
• Authentication Data: Username, password (encrypted), and multi-factor authentication credentials
• Communication Data: Messages, support tickets, feedback, and correspondence with our team
• Integration Credentials: API keys, OAuth tokens, and connection credentials for third-party services (e.g., Shopify, WhatsApp Business API, Microsoft Outlook, Slack, etc.)

We automatically collect technical and usage data including:

• Device Information: IP address, browser type and version, operating system, device identifiers, and hardware specifications
• Usage Data: Pages visited, features used, time spent, click patterns, navigation paths, and interaction with AI agents
• Performance Metrics: Response times, error logs, API calls, conversation flows, and agent performance analytics
• Location Data: General geographic location based on IP address (not precise GPS coordinates unless explicitly permitted)
• Cookies and Tracking Technologies: Session cookies, preference cookies, analytics cookies, and similar technologies (see Section 11)

When you use our AI agent solutions, we may process:

• Customer Interaction Data: Chat conversations, WhatsApp messages, email threads, customer inquiries, and support tickets
• Business Process Data: Workflow information, task details, order data, inventory information, scheduling data, and operational metrics
• Third-Party Platform Data: Data accessed through integrations with Shopify, Microsoft Outlook, WhatsApp Business API, CRM systems, and other connected platforms
• AI Training Data: Anonymized and aggregated conversation patterns used to improve AI agent performance (only with your explicit consent)

We use your information to:

• Provide, maintain, and improve our AI agent solutions and automation services
• Facilitate integrations with third-party platforms (Shopify, WhatsApp, Microsoft Outlook, etc.)
• Process transactions, manage billing, and generate invoices
• Authenticate users and maintain account security
• Enable communication between your business and customers through our AI agents
• Analyze and optimize business process workflows

We use your contact information to:

• Send service updates, security alerts, and system notifications
• Provide customer support and respond to inquiries
• Share product updates, new features, and relevant educational content
• Send billing statements and payment reminders
• Request feedback and conduct user research (with your consent)

We analyze usage data to:

• Improve AI agent accuracy, responsiveness, and natural language understanding
• Develop new features and automation capabilities
• Identify and fix technical issues and bugs
• Enhance user experience and interface design
• Generate aggregated analytics and industry insights (never identifying individual users)

We process your information to:

• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and other policies
• Detect, prevent, and address fraud, security threats, and abuse
• Protect the rights, property, and safety of MCP Chats, our users, and the public
• Respond to legal requests from law enforcement and regulatory authorities

MCP Chats implements industry-leading security measures including:

• Encryption: AES-256 encryption for data at rest and TLS 1.3+ for data in transit
• Access Controls: Role-based access control (RBAC), multi-factor authentication, and principle of least privilege
• Network Security: Firewalls, intrusion detection systems, DDoS protection, and regular penetration testing
• Infrastructure Security: Secure cloud hosting with SOC 2 Type II certified providers, regular security audits, and vulnerability assessments
• Data Segregation: Logical separation of customer data with strict isolation between tenants
• Monitoring: 24/7 security monitoring, automated threat detection, and incident response protocols

We employ strict policies ensuring:

• Background checks for all employees with data access
• Mandatory security training and confidentiality agreements
• Access logging and regular audits of data access patterns
• Immediate revocation of access upon employee departure

In the event of a data breach affecting your personal information, we commit to:

• Notifying affected users within 72 hours of discovery
• Providing detailed information about the nature and scope of the breach
• Offering remediation steps and support
• Notifying relevant regulatory authorities as required by applicable laws (GDPR, CCPA, etc.)

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We will never monetize your data without your explicit consent.

We share data with trusted third-party service providers who assist in delivering our services:

• Cloud Infrastructure: AWS, Google Cloud Platform, or Microsoft Azure for hosting and storage
• Payment Processing: Stripe, PayPal, or similar PCI-DSS compliant payment processors
• Communication Services: Email delivery services, SMS providers, and notification systems
• Analytics Providers: Privacy-focused analytics tools for usage monitoring and optimization
• Customer Support: Helpdesk and ticketing systems to manage support requests

All service providers are bound by strict data processing agreements (DPAs) and are required to maintain adequate security measures and use your data only for specified purposes.

With your authorization, we connect with:

• Shopify: To access store data, orders, products, and customer information for AI agent functionality
• WhatsApp Business API: To send and receive messages on your behalf
• Microsoft Outlook/365: To manage emails, calendars, and contacts through our automation agents
• CRM Systems: Salesforce, HubSpot, and other platforms you choose to integrate
• Other Business Tools: Slack, Zapier, webhooks, and custom API integrations

These integrations access only the data you explicitly authorize and are necessary for service functionality.

We may disclose your information when:

• Required by law, court order, subpoena, or legal process
• Necessary to protect our rights, property, or safety, or that of our users or the public
• Involved in a merger, acquisition, bankruptcy, or sale of assets (with notice to affected users)
• Requested by law enforcement or regulatory authorities with proper legal authorization

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you:

• Industry benchmarks and trends
• Product usage statistics
• Research and development insights
• Marketing and promotional materials

We retain your data for as long as necessary to provide our services and fulfill the purposes outlined in this policy:

• Account Data: Retained while your account is active and for up to 90 days after account closure
• Billing Records: Retained for 7 years to comply with tax and accounting regulations
• Communication Logs: Retained for up to 2 years for customer support and quality assurance
• Business Process Data: Retained according to your subscription plan settings, with options for immediate deletion or archival
• Analytics Data: Aggregated and anonymized data may be retained indefinitely

You can request deletion of your data at any time. Upon request, we will:

• Delete your account and associated personal information within 30 days
• Remove data from active systems and backups within 90 days
• Provide confirmation of deletion upon completion
• Retain only data required for legal compliance (e.g., financial records for tax purposes)

You have the right to:

• Access: Request a copy of your personal data we hold
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Data Portability: Export your data in a structured, machine-readable format
• Objection: Object to processing of your data for specific purposes
• Restriction: Request temporary restriction of data processing
• Withdraw Consent: Revoke consent for data processing at any time

To exercise any of these rights:

• Log into your MCP Chats dashboard and access account settings
• Contact our privacy team at privacy@mcpchats.com
• Submit a written request to our data protection officer (contact details in Section 13)

We will respond to all requests within 30 days as required by applicable privacy laws.

You can opt out of marketing communications:

• By clicking "unsubscribe" in any marketing email
• By updating email preferences in your account settings
• By contacting support at support@mcpchats.com

Note: You cannot opt out of essential service communications (e.g., security alerts, billing notifications).

MCP Chats operates globally and may store and process data in the United States, European Union, and other jurisdictions where we or our service providers maintain facilities.

When transferring data internationally, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs): EU Commission-approved data transfer agreements
• Data Processing Agreements: Compliant with GDPR Article 28 requirements
• Adequacy Decisions: Transfers to countries with adequate privacy protections recognized by regulatory authorities
• Additional Safeguards: Encryption, access controls, and monitoring to protect data in transit and at rest

We comply with applicable international data transfer frameworks and regulations to ensure your data receives consistent protection regardless of where it is processed.

• Essential Cookies: Required for authentication, security, and basic functionality
• Preference Cookies: Remember your settings, language, and customization choices
• Analytics Cookies: Help us understand usage patterns and improve our services
• Performance Cookies: Monitor system performance and optimize loading times

We use privacy-focused analytics services that do not track individual users across websites. We do not use advertising cookies or share data with advertising networks.

You can control cookies through:

• Your browser settings (instructions available at aboutcookies.org)
• Our cookie consent banner (for EU users)
• Opt-out tools provided by analytics services

Note: Disabling essential cookies may affect service functionality.

Our AI agents process customer interactions, business data, and communications to provide intelligent automation. This processing is necessary for service delivery and is performed with appropriate safeguards:

• Transparency: Clear labeling of AI-generated responses
• Human Oversight: Options for human review and intervention
• Accuracy Measures: Continuous monitoring and improvement of AI performance
• Data Minimization: Processing only data necessary for the specific task

We do not use automated decision-making that produces legal effects or similarly significant effects on individuals without human oversight and the ability to contest decisions.

We may use anonymized and aggregated conversation data to improve AI agent performance, but only:

• With your explicit consent
• After removing all personally identifiable information
• Without linking data back to individual users or businesses
• With the ability to opt out at any time

For privacy-related questions, requests, or concerns:

• Email: privacy@mcpchats.com
• Support: support@mcpchats.com

For GDPR-related matters:

• Email: dpo@mcpchats.com

DATAPULS AI SERVICES PRIVATE LIMITED (MCPCHATS)
Attn: Privacy Department
Inderpuri New Delhi, Delhi
India

We may update this Privacy Policy periodically to reflect:

• Changes in our data practices or services
• New legal or regulatory requirements
• Improved privacy protections or security measures
• User feedback and industry best practices

When we make material changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you via email at least 30 days before changes take effect
• We will display a prominent notice on our platform
• We will maintain an archive of previous policy versions

Your continued use of MCP Chats services after policy updates constitutes acceptance of the revised terms. If you do not agree with the changes, you may close your account and discontinue use of our services.