Privacy Policy (HelloChat)

Last updated: January 15, 2026
Company: ZetEngine ("HelloChat", "we", "us", "our")
Website: https://www.gethellochat.com
Contact Email: support@gethellochat.com

1. Overview

This Privacy Policy explains how ZetEngine ("HelloChat", "we", "us", "our") collects, uses, discloses, and protects personal information when you access or use HelloChat (the "Service") or otherwise interact with us. HelloChat is a subscription-based SaaS platform that helps teams create and maintain customer support policies, workflows, knowledge bases, and playbooks, and use approved documentation to power an AI support agent.

We may update this Privacy Policy from time to time. If we make changes, we will post an updated version on our website and update the "Last updated" date above. We encourage you to review this Policy periodically.

2. Roles: Controller vs. Processor

HelloChat is primarily a B2B service. Depending on the context, we may act as a controller or a processor (or equivalent roles under applicable law).

Account/Admin data (B2B customers / workspace admins): We act as a controller for information related to your account, workspace administration, billing status (as received from our payment provider), and our direct relationship with you.

Customer Data (end-user content processed for customers): When business customers use HelloChat to support their own end users, we typically act as a processor and process Customer Data on the customer's instructions. If you are an end user interacting with a business customer's HelloChat deployment, please also review that business customer's privacy practices.

3. Information We Collect

A) Information you provide (account & admin)

  • Workspace/admin information such as name (if provided) and email address
  • Authentication details (e.g., OAuth sign-in) and account settings
  • Support requests and communications you send to us

B) Customer Data processed in the Service

Depending on how you use the Service, Customer Data may include:

  • End-user chat content (messages and conversation history)
  • Policies, workflows, playbooks, and configuration settings you create
  • Knowledge base and documentation you upload or maintain

AI features. If you enable AI functionality, we may process prompts/instructions, relevant context, and resulting outputs in order to provide the Service.

We do not intentionally collect payment card details. Payments are processed by our Merchant of Record (see Section 6).

C) Automatically collected information

We collect certain information automatically when you use the Service:

  • IP address and approximate location (derived from IP), device and browser information
  • Usage data and logs (feature usage, events, timestamps, performance and error logs)
  • Security and diagnostic logs (to maintain and protect the Service)
  • Cookies and similar technologies data (see Section 9)

4. How We Use Information

We use information to:

  • Provide, operate, and maintain the Service (authentication, access, functionality)
  • Administer accounts and workspaces and respond to support requests
  • Operate AI features you choose to use and deliver outputs
  • Maintain security, prevent abuse, and debug issues
  • Monitor, analyze, and improve reliability and performance of the Service
  • Communicate with you about updates, security notices, and administrative messages
  • Comply with legal obligations and enforce our Terms

5. Legal Bases (where applicable)

Where required by law, we process personal information on the basis of:

  • Contract (to provide the Service you request)
  • Legitimate interests (security, fraud prevention, service improvement, analytics)
  • Consent (where required for certain cookies or marketing communications)
  • Legal obligation (compliance and recordkeeping)

6. How We Share Information

We do not sell personal information. We may share information with:

Service providers (processors):

  • Hosting & Web Infrastructure: Vercel (hosting, deployment, and platform operations)
  • Database & Storage: Supabase (database and storage services)
  • Logging & Monitoring: Vercel (platform logs and diagnostics)
  • Analytics: Vercel Analytics (performance and usage analytics)
  • Email: Google (to send essential service emails and support communications)

AI and third-party integrations (when enabled):

If you enable AI features or connect third-party integrations, we may share limited data (such as prompts, context, and content necessary to complete the request) with the relevant third-party providers to deliver the functionality you requested. These providers process data under their own terms and privacy policies.

Payments (Merchant of Record):

Payments may be processed by Lemon Squeezy as Merchant of Record. The Merchant of Record may process payment information, applicable taxes (e.g., VAT/GST/sales tax), invoicing, disputes, and refunds. We may receive limited subscription/billing status information (e.g., active/canceled status, invoice identifiers) to manage service access and provide support.

Legal and safety: We may disclose information when required to comply with law or valid legal process, protect rights and safety, prevent fraud or abuse, or secure the Service.

Business transfers: We may share information if we are involved in a merger, acquisition, financing, reorganization, or sale of assets.

7. International Data Transfers

Our vendors and infrastructure may process data in countries other than your own. We take steps intended to ensure appropriate safeguards for cross-border transfers where required by law.

8. Data Retention

We retain personal information and Customer Data for as long as necessary to provide the Service, maintain business records, comply with legal obligations, resolve disputes, enforce agreements, and maintain security.

Customer Data: Deleted upon account deletion or as otherwise instructed by the customer, subject to limited retention required for security, legal compliance, billing records, or dispute resolution.

Security/diagnostic logs: retained for a limited period as needed for security and troubleshooting, and then deleted or anonymized unless required for investigation or legal compliance.

Support communications: retained as needed to address requests and maintain operational records.

9. Cookies

We may use cookies or similar technologies for essential Service functionality, security, and analytics. Where required by law, we will request consent for certain cookies. You can control cookies through your browser settings. Disabling cookies may affect parts of the Service.

10. Security

We maintain reasonable administrative, technical, and organizational measures designed to protect information. No method of transmission or storage is completely secure.

11. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, or export your personal information, and to object to or restrict certain processing.

To exercise rights, contact: support@gethellochat.com. We may need to verify your identity and (for Customer Data) your authority on behalf of a workspace/customer.

If you are an end user interacting with a business customer's HelloChat deployment, please contact that business customer directly for requests relating to your conversation content, as they control how the Service is configured and used.

12. Children

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

13. Updates

We may update this Privacy Policy from time to time. If we make material changes, we will post an updated version on our website with a new "Last updated" date.