Privacy policy

We collect three categories of information:

• Account information — your email, name, password (stored as a bcrypt hash), and the business details you provide during onboarding (company name, seller name, local phone number).
• Integration credentials — your CRM API key and a per-account Anthropic API key generated by us. These are encrypted at rest using AES-256-GCM with a master key held in our hosting environment, never in our database.
• Customer Data — conversation history (SMS messages between you and your leads), lead metadata (names, phone numbers, status), bot activity logs, and disposition states. This data is mirrored from your CRM account and stored in your tenant's isolated database file on our hosting provider (Railway).

We use the information solely to:

• Provide the Service (authenticate you, send messages on your behalf, mirror conversation history).
• Process payments (via Stripe).
• Communicate with you about your account, security incidents, or material Service changes.
• Improve the Service (in aggregated, de-identified form only).
• Comply with legal obligations.

We do not sell your information. We do not use Customer Data to train AI models. The bot's generation calls to Anthropic are made under your isolated Anthropic workspace; Anthropic's policy on training is documented separately.

We use the following third-party providers ("subprocessors") to deliver the Service. Each is bound by their own privacy and security commitments:

• Anthropic — generative AI for message composition. Per-tenant workspace isolation. Spend capped per your plan.
• Your CRM — we authenticate via your API key. We do not see CRM data outside of what your API key authorizes.
• Stripe — payment processing. We never store full payment card data. Stripe is PCI-DSS Level 1.
• Railway — application hosting + database. Located in the United States.
• Resend (or equivalent transactional email provider) — sending account emails and password-reset links.

• Passwords are hashed with bcrypt (cost factor 12).
• Integration API keys are encrypted at rest with AES-256-GCM. The master encryption key is stored in environment variables, never in the database.
• Each tenant's Customer Data lives in a physically separate database file. There is no cross-tenant query path.
• Sessions are cookie-based with httpOnly + SameSite=Lax + Secure attributes. Session tokens are stored as SHA-256 digests; raw tokens are never persisted server-side.
• All connections are TLS-encrypted (HTTPS).
• We log every state-changing action for forensic auditing.

We retain Customer Data for the duration of your subscription. If you cancel, your data is preserved in read-only form for 30 days, then permanently deleted.

You may request immediate deletion of your account and all associated data by emailing privacy@peanutbutterbot.com. We will complete the deletion within 30 days. Audit log entries (which may reference user IDs) are retained for 7 years for compliance purposes; they do not contain Customer Data content.

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you.
• Correct inaccurate information.
• Request deletion (subject to legal retention requirements).
• Receive a portable copy of your data.
• Lodge a complaint with a data protection authority.

To exercise these rights, email privacy@peanutbutterbot.com. We will respond within 30 days.

The Service sends SMS messages to leads in your CRM account on your behalf. We act as a processor of these communications; you (the customer) are the controller responsible for the lawful basis of communication (TCPA consent, business-purpose exemption, etc). See our Terms of Service for your obligations.

The Service is not intended for individuals under 18. We do not knowingly collect personal information from minors.

Our infrastructure is hosted in the United States. If you are located outside the US, your information will be transferred to and processed in the US. We use standard contractual clauses (SCCs) or equivalent safeguards where required by your jurisdiction.

In the event of a security incident affecting your data, we will notify you within 72 hours of becoming aware of the breach, consistent with applicable data protection law.

We may update this Privacy Policy from time to time. Material changes will be communicated by email at least 14 days before taking effect.

Privacy questions or requests: privacy@peanutbutterbot.com