1. Introduction
Welcome to KD Scepter. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you register, log in, configure AI chatbots, embed widgets, or otherwise interact with the KD Scepter platform and services.
2. What We Are and Do
KD Scepter is a state-of-the-art conversational AI platform that enables businesses and individuals to design, train, test, customize, and deploy interactive AI chatbots. These chatbots can be embedded into external websites via customizable chat widgets to interact with website visitors, answer queries based on training files or website scrapes, collect lead generation information (such as visitor names and emails), and track real-time communication metrics.
3. Information We Collect
To provide our services, we collect several categories of information:
- Account Information: Your registration details, including your name, email address, password hashes, and profile picture (if using Google Auth).
- Chatbot Training & Configuration Data: Files you upload (PDFs, TXT, CSV, etc.), scraped website URLs, custom prompt instructions, UI configurations (colors, branding logos), and system prompts used to train and customize your chatbots.
- Widget Analytics & Lead Captures: Chat histories, message text, and lead details (names, email addresses, phone numbers) submitted by visitors interacting with your deployed chatbot widgets.
- Technical & Usage Data: Visitor IP addresses, geographic location info, browser type, operating system details, referral source, session timestamps, and interface usage telemetry.
- Billing and Transaction Data: Subscription details, billing history, and payment status. Actual card payments are handled securely by Stripe; we do not store raw credit card numbers.
4. How We Use Your Information
We use the collected information for the following purposes:
- Providing, operating, and maintaining the KD Scepter dashboard and embedded chat widgets.
- Processing user queries and generating contextually accurate AI responses through integrated LLM APIs.
- Managing user authentication, active sessions, and account security.
- Processing payments and tracking subscription plan tiers.
- Compiling usage analytics, monitoring rate limits, and improving scepter models.
- Allowing dashboard owners to download lead lists and read visitor conversation logs.
- Enforcing security policies, rate-limiting rules, and fraud detection.
5. Third-Party Data Processing
We work with trusted third parties to power core parts of our service:
- AI Model APIs: Depending on the model you select for your chatbot, your training data and visitor conversations may be processed by OpenAI, Anthropic, and/or Google as Large Language Model providers, in compliance with each provider's data processing and security terms.
- CRM & Automation Integrations: If you configure outbound webhook integrations (e.g. to HubSpot, Airtable, Zapier, or a custom endpoint), lead and conversation data collected by your chatbot will be sent to those third-party destinations as you've configured them. You are responsible for ensuring your use of these integrations complies with applicable privacy laws.
- Stripe: Securely processes all premium subscription plans and recurring transactions.
- MongoDB Atlas & Redis: Used for secure storage of account data, chatbot setups, and live session caching with encryption at rest and in transit.
6. Cookies and Tracking
We use session cookies and local storage tokens to preserve your logged-in session, remember your dashboard configuration preferences, and separate chat threads. You can manage or disable cookies in your browser settings, but doing so may limit your access to key features of the platform.
7. Data Security and Encryption
We employ enterprise-grade security protocols, including:
- Secure password hashing using bcrypt.
- JWT-based session authentication.
- HTTPS encryption for all web and widget traffic.
- Access control limits restricting chatbot configurations to verified owners.
8. Data Retention
We retain your information in accordance with the following policies and schedules:
- Chat and Conversation Logs:
- General landing page preview and test chatbot conversation logs (stored in our temporary playground database) are automatically and permanently deleted by a background cleanup service 24 hours after creation.
- Custom chatbot conversation logs (stored in our active customer databases) are retained indefinitely to provide history and analytics, or until the chatbot is manually deleted.
- Uploaded Training Files & Scraped Content:
- Scraped website content is stored directly within your chatbot configuration and is retained for the lifespan of that chatbot.
- Uploaded documents (such as PDFs, DOCX, or TXT files) are processed to extract text, and their segmented text chunks are stored securely in our database. We do not store raw documents on our server disks. These training chunks are stored indefinitely or until you manually delete the document.
- Subscription Cancellation & Chatbot Deletion:
- Subscription Cancellation: If your premium subscription is canceled, downgraded, or payment fails, your account is downgraded to "No active plan." Your chatbots, conversations, and settings are NOT deleted; instead, they are locked, and you will be unable to access or manage them until you reactivate your subscription.
- Chatbot Deletion: If you delete a chatbot from your dashboard, the chatbot's configuration, conversation history, and captured leads are permanently and immediately deleted from our active database. Once deleted, this information cannot be recovered.
- Captured Lead Data: Visitor lead information (names, emails, phone numbers) captured via your chatbot widgets is retained indefinitely to allow you to download and manage your lead list, or until you choose to delete the chatbot.
9. Your Rights
Depending on your jurisdiction, you have the right to request access to, correction of, or deletion of your personal data. You can delete your chatbots, uploaded training sources, and billing information directly inside the KD Scepter dashboard, or request complete account deletion by contacting us.
10. Contact Us
If you have any questions or feedback regarding this Privacy Policy, contact us at:
Email: kdscepter@gmail.com