Privacy Policy — Intellika AI

On this page

Who we are
What we collect
How we use it
Legal basis
Sharing & third parties
Cookies & tracking
Data retention
Your rights
International transfers
Security
Children's privacy
Changes to this policy
Contact us

1. Who we are

Intellika AI ("Intellika," "we," "us," or "our") provides website AI assistants and related services. This Privacy Policy describes how we collect, use, disclose, and protect personal information.

This policy applies to two groups:

Customers — businesses who sign up for Intellika to deploy an AI assistant on their website, including team members on those accounts.
Visitors — end users who interact with an Intellika-powered AI assistant on a customer's website.

2. What we collect

Customer information

Account data: business name, your name, email address, password (hashed), billing details.
Configuration data: brand assets, business information, FAQs, policies, training documents you upload.
Usage data: dashboard activity, feature usage, plan tier, API calls.
Communications: support tickets, emails, call notes from consultations.

Visitor information (collected via the assistant on customer websites)

Conversation data: messages exchanged with the assistant, timestamps, conversation IDs.
Lead capture data: name, email, phone, intent, or other details that visitors voluntarily provide during a conversation.
Technical data: IP address (used briefly for abuse prevention and rate-limiting), browser type, page URL where the conversation started.

We do not collect special categories of data (health, biometric, etc.). If a visitor volunteers such information in a conversation, we treat it under the same security controls as other conversation data, but we don't use it to train or profile.

3. How we use it

To provide the service: hosting your assistant, processing conversations, capturing leads, sending you the dashboards and notifications you sign up for.
To improve quality: reviewing weak responses or escalations to refine the assistant — for your account specifically. We do not pool customer data to train shared models.
To bill you: running payment, sending invoices, handling refunds.
To support you: responding to questions, fixing issues, providing onboarding for done-for-you customers.
To keep the service safe: detecting abuse, preventing fraud, enforcing our Terms.
For legal compliance: responding to lawful requests, enforcing our rights, complying with regulations.

4. Legal basis (GDPR / UK GDPR)

For users in the EU, UK, and other jurisdictions with similar laws, we rely on the following legal bases:

Contract — to provide the service you've signed up for.
Legitimate interests — to improve and secure the service, prevent abuse, and run a sustainable business.
Consent — for non-essential cookies and marketing emails (you can withdraw at any time).
Legal obligation — to comply with tax, accounting, and regulatory requirements.

We don't sell personal information. We share data with the following categories of service providers, only to the extent needed to operate Intellika:

Hosting & infrastructure — cloud providers that host our app, databases, and backups.
AI model providers — OpenAI and similar providers, which process conversation messages to generate assistant responses. These providers process data under their own DPAs and do not retain data for model training when configured for API use.
Payment processing — third-party payment processors (e.g., Stripe) handle card data; we do not store full card numbers.
Email & notifications — providers that send transactional and product emails.
Analytics & product feedback — minimal analytics to understand product usage; testimonials and reviews are collected via Senja.io only with explicit customer consent.
Customer support tooling — to manage and respond to your support requests.
Legal & compliance — when legally required (court order, valid government request) or to protect rights, safety, and property.

6. Cookies & tracking

We use a small number of cookies:

Strictly necessary — to keep you signed in and the app working.
Preferences — to remember your theme choice (light/dark) on this site.
Analytics — privacy-respecting analytics that help us understand which pages convert; we don't use these to build advertising profiles.

You can disable cookies in your browser, but parts of the service may stop working. We do not respond to "Do Not Track" signals at this time.

7. Data retention

Account data — kept while your account is active and for up to 12 months after cancellation, then deleted or anonymized.
Conversation data — retained according to your plan and customer settings; can be deleted on request.
Lead capture data — passed to the customer who owns the assistant; we keep a copy for the same retention window as conversation data.
Billing records — kept as long as required by law (typically 7 years).
Backups — overwritten on a rolling schedule; full deletion can take up to 90 days after request.

8. Your rights

Depending on your jurisdiction (GDPR, UK GDPR, CCPA, and similar laws), you may have the right to:

Access the personal data we hold about you.
Correct inaccurate data.
Delete your data (subject to legal retention requirements).
Restrict or object to certain processing.
Port your data to another provider in a structured, machine-readable format.
Withdraw consent for processing based on consent.
Lodge a complaint with your local data protection authority.

To exercise any of these rights, email support@intellika.io. We respond within 30 days.

If you're a visitor who shared information with an assistant on a customer's website, that customer is the data controller and you should contact them directly. Intellika acts as a data processor for visitor conversations.

9. International transfers

Our infrastructure may process data in jurisdictions outside your country, including the United States. Where required, we use Standard Contractual Clauses or equivalent safeguards to protect personal data transferred internationally.

10. Security

We maintain technical and organizational measures to protect personal data, including encryption in transit (TLS), encryption at rest for sensitive data, access controls, regular security reviews, and limited employee access on a need-to-know basis. No system is 100% secure — if we discover a breach affecting your data, we will notify you and the relevant authorities as required by law.

11. Children's privacy

Intellika is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided information to us, contact support@intellika.io and we'll delete it.

12. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email (to customers) or a prominent notice on this page. The "Last updated" date at the top reflects the most recent revision.

13. Contact us

For privacy questions, data requests, or to report a concern:

Email: support@intellika.io
Web: intellika.io

This privacy policy is provided as a starting point and may need to be reviewed by qualified legal counsel for your specific jurisdiction (e.g., to add a registered company address, legal entity name, DPO contact, or jurisdiction-specific clauses such as full CCPA "Do Not Sell" notices).

Privacy Policy.