Privacy Policy for Botzeno

1. Who operates Botzeno

Botzeno is operated by Sirivimon Prabrat as a sole trader. Botzeno may be marketed and presented under the Botzeno brand.

Business location: Samnak Thon, Ban Chang District, Rayong 21130, Thailand.

Privacy contact: info@botzeno.com.

2. Scope of this Privacy Policy

This Privacy Policy applies to personal information handled by Botzeno in connection with the Botzeno website, demos, client portal, hosted chat widgets, lead capture features, billing flows, support, and related managed services.

Where a Botzeno widget is used on a client website, the client remains responsible for its own website, business practices, privacy notices, lawful basis for collecting information, and communications with its customers or patients.

Botzeno acts as a service provider to its business clients. In some cases, Botzeno may process personal information on behalf of a client, such as chat messages and lead details submitted through the client’s website.

3. What information we collect

Depending on how the service is used, Botzeno may collect and hold personal information such as:

• Name, phone number, email address, and other contact details.
• Business name, website URL, business category, timezone, language, service information, and routing settings.
• Client portal user details, including portal email address, full name, role, login session records, magic link records, and last login time.
• Chat messages and conversation content submitted through a Botzeno widget or demo.
• Enquiry details, appointment-related details, service interests, and other information submitted in chat.
• Lead extraction metadata, such as detected intent, service type, timestamps, confidence signals, delivery status, and routing status.
• Billing-related metadata, such as billing email, subscription status, payment status, Stripe customer ID, Stripe subscription ID, invoice status, billing event type, and transaction references.
• Technical and usage information, including IP address, browser type, device information, server logs, analytics events, cookie data, request timestamps, error logs, and security logs.
• Support, legal, privacy, billing, cancellation, and operational communications.

4. Sensitive information and health-related information

Botzeno does not intentionally request passport details, government identification documents, full payment card numbers, card security codes, bank account login credentials, or other highly sensitive financial credentials through the Botzeno widget or client portal.

For dental clinics and similar healthcare-related businesses, chat users may voluntarily submit health-related information in messages. Botzeno may process that information only as reasonably necessary to provide enquiry handling, lead capture, routing, support, security, or service operation.

Botzeno is not a medical provider and does not provide medical, dental, diagnostic, treatment, triage, prescription, or emergency advice. Users should not submit emergency information through Botzeno and should contact an appropriate healthcare provider or emergency service directly if urgent care is needed.

5. How we collect information

• When a person visits the Botzeno website.
• When a person uses a Botzeno demo experience.
• When a person submits information through a Botzeno-powered widget on a client website.
• When a client or prospective client contacts Botzeno directly.
• When a client creates or uses access to the Botzeno client portal.
• When a client pays for Botzeno or manages billing through Stripe or another payment provider.
• When analytics, cookies, logs, security tools, and server systems automatically collect technical information during website or service use.

6. Why we collect, hold, use, and disclose information

• To provide, operate, maintain, secure, and improve Botzeno.
• To generate AI-assisted responses in chat.
• To identify and extract lead details such as name, phone number, email, service interest, and enquiry intent.
• To route enquiries and leads to the relevant client by email, Telegram, or other configured delivery methods.
• To provide the client portal, magic link login, billing access, and account support.
• To process payments, subscriptions, setup fees, invoices, refunds, cancellations, and billing support.
• To monitor, troubleshoot, test, protect, and improve service reliability and security.
• To analyse product performance, service usage, and operational issues.
• To respond to support, billing, legal, privacy, cancellation, and operational enquiries.
• To comply with legal, accounting, tax, dispute, fraud prevention, security, and record-keeping obligations.

If relevant information is not provided, Botzeno may be unable to respond properly to an enquiry, route a lead to the intended business, provide billing access, or provide some parts of the service.

7. Payment and billing information

Botzeno uses third-party payment providers, including Stripe, to process payments, subscriptions, invoices, setup fees, refunds, and billing management.

When a client makes a payment or manages billing, payment details are entered directly into Stripe’s secure hosted pages. Botzeno does not collect, receive, store, or process full card numbers, card security codes, bank account login credentials, passport details, government identification documents, or other sensitive financial credentials.

Botzeno may receive and store limited billing metadata from Stripe, such as billing email, Stripe customer ID, subscription ID, invoice status, payment status, transaction references, billing event type, event ID, timestamps, and subscription status. Botzeno uses this information to operate subscriptions, provide support, reconcile payments, prevent duplicate billing actions, and maintain business records.

Stripe handles payment data under its own privacy policy, terms, security standards, and legal obligations.

8. AI processing

Botzeno may use AI service providers, including OpenAI, to generate responses, assist with enquiry handling, classify messages, extract lead details, improve prompts, and support service quality.

Information submitted through chat may be sent to AI systems for processing. This may include chat messages, recent conversation context, business configuration, and relevant prompt instructions.

Botzeno aims to limit the information sent for AI processing to what is reasonably necessary for the service. Clients should ensure their own website privacy notices and business processes explain and lawfully support their use of Botzeno and AI-assisted enquiry handling.

9. Disclosure to clients and service providers

Botzeno does not sell personal information. Botzeno may disclose personal information where reasonably necessary to:

• The business client operating the relevant Botzeno widget.
• Service providers and subprocessors used to operate the platform.
• Payment providers, billing providers, hosting providers, database providers, AI providers, email providers, messaging providers, analytics providers, and security providers.
• Professional advisers, accountants, consultants, or legal advisers.
• Regulators, courts, law enforcement, government agencies, or other parties where required or permitted by law.
• Protect the rights, security, property, and integrity of Botzeno, its clients, users, or the public.

Botzeno’s usual service providers may include:

• OpenAI for AI processing.
• Stripe for payment and subscription processing.
• Resend for email delivery.
• Telegram for lead notification delivery where enabled.
• Twilio / WhatsApp for WhatsApp lead notification delivery where enabled.
• Zoho for business email or related business operations where used.
• Google Analytics for analytics where enabled.
• Hosting, database, infrastructure, monitoring, and security providers used to operate the service.

10. Cross-border disclosure

Botzeno’s primary application hosting is in Sydney, Australia.

However, some personal information may be processed by third-party service providers located outside Australia, including providers located in the United States, Australia, and other countries where our service providers or their infrastructure operate.

Cross-border processing may occur when Botzeno uses AI providers, payment providers, email delivery providers, messaging providers, analytics providers, hosting providers, security providers, or support tools.

By using Botzeno chat features, client portal features, billing features, or related services, users acknowledge that information may be processed by providers located outside Australia where reasonably necessary to provide the service.

11. Client responsibilities for their own users

Clients who install or use a Botzeno widget on their website are responsible for ensuring that their own privacy notices, cookie notices, consent flows, website terms, clinic processes, and customer communications are appropriate and lawful for their business.

Clients are responsible for reviewing enquiries received through Botzeno, following up appropriately, handling customer or patient records, complying with privacy and health-related obligations, and responding to requests from their own customers where applicable.

If a visitor submits personal information through a Botzeno widget on a client website, that information may be provided to the relevant client so the client can respond to the enquiry.

12. Storage and retention

Botzeno takes reasonable steps to retain personal information only for as long as reasonably necessary for business, service, legal, support, billing, security, and operational purposes.

Botzeno’s current standard retention approach is:

• Chat messages: up to 90 days, unless a longer period is reasonably needed for support, security, dispute, backup, or legal reasons.
• Extracted lead records: up to 12 months, unless a longer period is reasonably needed for service, business, support, security, dispute, backup, or legal reasons.
• Billing metadata, invoices, subscription records, and accounting records: retained for as long as reasonably necessary for tax, accounting, legal, dispute, payment, and business record purposes.
• Technical logs and security records: retained for a period reasonably necessary for troubleshooting, monitoring, fraud prevention, abuse prevention, security, and service continuity.

Botzeno may delete, de-identify, aggregate, archive, rotate, or retain information earlier or later where reasonably necessary.

13. Security

Botzeno takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure.

These steps may include access controls, authentication controls, passwordless magic link access, HTTPS transport encryption, hosting safeguards, database access restrictions, rate limiting, webhook signature verification, operational monitoring, and separation of admin and client access where applicable.

However, no internet-based service, third-party provider, AI system, payment provider, or hosted environment can guarantee absolute security.

14. Cookies and analytics

The Botzeno website, demo, client portal, and related services may use cookies, session tokens, analytics tools, and similar technologies to provide login sessions, understand traffic, monitor performance, protect security, and improve the service.

This may include Google Analytics where enabled. Users can control some cookie and tracking settings through their browser.

Disabling cookies may affect access to some features, including the client portal.

15. Access, correction, and deletion requests

A person may request access to personal information Botzeno holds about them, ask for correction of inaccurate information, or request deletion of personal information by contacting info@botzeno.com.

Botzeno will take reasonable steps to review and respond to valid requests. Botzeno may need to verify the identity or authority of the person making the request.

Access, correction, or deletion may be limited where the information has already been delivered to a client, where the request should be handled by the relevant client, where Botzeno is required or permitted to retain it for legal, security, accounting, tax, backup, fraud prevention, dispute, billing, or operational reasons, or where immediate deletion is not technically feasible in all systems.

16. Privacy complaints

If a person believes Botzeno has mishandled personal information, they may contact info@botzeno.com.

Please include enough detail for Botzeno to investigate the matter properly. Botzeno will aim to respond within a reasonable time, usually within 30 days.

If a person is not satisfied with the response, they may be able to contact the Office of the Australian Information Commissioner (OAIC).

17. Dental and health-related use

Botzeno may be used by dental clinics and similar service businesses to collect enquiries and contact details.

Botzeno is not a medical provider and does not provide medical, dental, diagnostic, treatment, triage, prescription, or emergency advice.

Users should not rely on Botzeno chat for urgent, emergency, or clinical decision-making. If urgent care is needed, users should contact an appropriate healthcare provider or emergency service directly.

Clients remain responsible for any clinical communications, patient triage, appointment review, record handling, privacy compliance, and professional obligations that apply to their business.

18. Children

Botzeno is designed for business website enquiry handling and is not directed at children. Botzeno does not knowingly seek to collect personal information from children except where information is submitted through a client website enquiry flow and is reasonably necessary for the relevant client to respond.

If a parent, guardian, or client believes that information about a child has been submitted inappropriately, they may contact info@botzeno.com.

19. Changes to this Privacy Policy

Botzeno may update this Privacy Policy from time to time to reflect changes to the service, legal obligations, providers, billing systems, security practices, or operational practices.

The latest version will apply from the time it is published on the Botzeno website, unless a later effective date is stated.

20. Contact

For privacy requests, access or correction requests, deletion requests, complaints, support, billing, cancellation, or legal enquiries, contact:

info@botzeno.com