Legal

Privacy Policy

Last updated: March 2025

At CatAIS (“we”, “our”, or “us”), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our autonomous social commerce platform at catais.ai and any associated services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our services.

1. Information We Collect

Account Information

When you create a CatAIS account, we collect your name, email address, and a hashed password. If you sign in via Google OAuth, we receive your name, email address, and profile photo from Google, subject to your Google account privacy settings.

Platform Credentials

To connect your social and commerce platforms (Facebook, Instagram, WooCommerce, WordPress, Email, Telegram), we collect and securely store API tokens, access tokens, and configuration details you provide. These credentials are stored encrypted in Firebase Firestore and are used exclusively to operate the autonomous agent on your behalf.

Usage & Agent Data

We collect logs of agent actions including timestamps, platform sources, comment text, generated replies, detected intent classifications, and action outcomes. This data is stored under your user account and used to power your analytics dashboard.

Knowledge Base Content

Any product information, FAQs, brand voice instructions, or other content you upload to configure your agent is stored securely and used solely to generate replies on your behalf.

Technical Data

We automatically collect certain technical information including your IP address, browser type, operating system, referring URLs, and pages visited. This helps us diagnose issues, improve performance, and prevent abuse.

Payment Information

Billing and payment processing is handled by Stripe. We do not store your credit card number or full payment details. We receive a token and basic billing metadata (plan type, renewal dates) from Stripe.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Operate and maintain the CatAIS platform and your autonomous agent
  • Process and execute agent actions on connected platforms on your behalf
  • Provide real-time analytics and performance dashboards
  • Send transactional emails (account confirmations, billing receipts, important service notices)
  • Respond to your support requests and improve customer service
  • Detect, prevent, and address technical issues, fraud, and abuse
  • Improve our AI models and platform features using aggregated, anonymised data
  • Comply with legal obligations and enforce our Terms of Service

3. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following limited circumstances:

Service Providers

We work with trusted third-party providers who assist in operating our platform, including Google Firebase (database, authentication, hosting), Google Gemini AI (language model inference), and Stripe (payment processing). These providers are contractually bound to protect your data and may not use it for their own purposes.

Platform APIs

To operate your agent, we necessarily send data to and receive data from the platforms you connect (Facebook, Instagram, WooCommerce, etc.) using the credentials you provide. Your use of these platforms is governed by their respective privacy policies.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, to protect our rights or property, or to prevent harm.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4. Data Security

We implement industry-standard security measures to protect your information. These include:

  • Encryption in transit using TLS 1.2 or higher for all data transmitted between your browser and our servers
  • Encryption at rest for sensitive credentials and tokens stored in Firebase Firestore
  • Firebase Security Rules to enforce per-user data access controls
  • Regular dependency audits and security patches
  • API tokens stored with restricted read access, never exposed in client-side code

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security and encourage you to use strong passwords and keep your credentials confidential.

5. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access

Request a copy of the personal data we hold about you.

Correction

Request correction of inaccurate or incomplete personal data.

Deletion

Request deletion of your personal data, subject to legal obligations.

Portability

Request your data in a structured, machine-readable format.

Restriction

Request restriction of processing in certain circumstances.

Objection

Object to processing based on legitimate interests.

To exercise any of these rights, please email us at support@catais.ai. We will respond within 30 days. You may also submit a data deletion request via our Data Deletion page.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. Specifically:

  • Account data — retained until account deletion, plus up to 30 days for backup purposes.
  • Agent logs — retained for 90 days by default. Premium users may adjust retention settings.
  • Billing records — retained for 7 years as required by financial regulations.
  • Chat history — retained per your plan limits (5 entries on Free, unlimited on paid plans).

7. Cookies and Tracking

We use cookies and similar tracking technologies to maintain your session, remember your preferences, and analyse usage patterns. Specifically:

  • Authentication cookies — Firebase sets a session cookie to keep you logged in securely.
  • Preference cookies — store UI settings such as your selected dashboard view.
  • Analytics cookies — anonymised usage data to help us understand how the platform is used and where to improve.

You can control cookies through your browser settings. Disabling session cookies will prevent you from staying logged in.

8. Children's Privacy

CatAIS is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us at support@catais.ai and we will take steps to delete such information.

9. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

support@catais.ai
catais.ai
CatAIS — Autonomous Social Commerce AI

We aim to respond to all privacy-related enquiries within 5 business days.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, for material changes, notify you via email or an in-app notice. Your continued use of CatAIS after changes take effect constitutes your acceptance of the revised policy.

Back to HomeTerms of Service →