chatbukchatbuk
How it worksFeaturesAgentsBlogPricingFAQ
Start free

Legal

Privacy Policy

chatbuk is built for the most personal data there is — your money, plans, and habits. This policy explains, in plain language, what we collect, why, how we protect it, and the control you have over it.

Last updated: June 7, 2026

Our privacy principles

We design around four commitments, and the rest of this policy follows from them:

  • Minimize. We keep the derived facts you ask us to remember (an amount, a category) — not unnecessary copies of your raw documents.
  • Isolate. Your data is scoped to your account and workspace. Personal and business workspaces never mix.
  • Encrypt. Sensitive fields and the access tokens for any apps you connect are encrypted at rest.
  • Yours to take. You can export everything or delete it — permanently — at any time.

Information we collect

Information you provide

  • Account information: your name and email (and, if you sign in with Google, your Google profile basics).
  • Content you share: the messages, voice notes, and images you send to your agents.
  • Records you create: the structured entries your agent extracts from that content (for example, an expense amount, category, and date).

Information from connections

If you connect a third-party app (such as Google Sheets), we store the access and refresh tokens needed to act on your behalf. These tokens are encrypted and used only to perform the actions you ask for, such as appending a row to your own spreadsheet.

Information collected automatically

  • Usage & device data: basic logs needed to operate the service securely (for example, request timing, error diagnostics, and approximate technical metadata).
  • Cookies: strictly-necessary cookies for authentication and your preferences (see Cookies).

How we use your information

  • To run your agents — understanding your message and turning it into a record.
  • To remember and retrieve context so the agent can answer questions about your own data.
  • To generate insights and (if enabled) proactive nudges like budget alerts.
  • To sync to apps you have explicitly connected.
  • To secure the service, prevent abuse, and meet legal obligations.

We do not sell your personal data, and we do not show third-party ads.

AI processing

To understand your messages and produce replies, your content may be processed by trusted AI model providers acting as our processors. We send only what is needed to fulfill your request. Where supported, we use settings that prevent your content from being used to train third-party models. Before content is stored for long-term memory, personal identifiers are redacted so they are never embedded in our search index.

How we protect your data

  • Encryption in transit (TLS) and field-level encryption at rest for sensitive values and connection tokens.
  • Workspace isolation so each user's (and each workspace's) data is segregated.
  • PII redaction before any content is embedded for semantic memory.
  • Least-privilege access and audit logging for sensitive operations.

No system is perfectly secure, but we treat this data with the seriousness it deserves.

Who we share with

We share data only with service providers that help us operate, under contract and on our instructions:

  • Infrastructure & hosting (databases, vector store, queues).
  • AI model providers (to process your requests, as above).
  • Apps you connect (only the data needed for the action you requested).
  • Payment processors for subscriptions (we never store full card details).
  • Authorities where required by law, narrowly and with scrutiny.

Data retention & deletion

We keep your records and memory for as long as your account is active so the product is useful to you. When you delete a record, it is removed from our database, our semantic memory, and any derived aggregates together. When you delete your account, we delete the personal data we hold for you — your records, semantic memory, derived aggregates, and the connection tokens we stored — within a reasonable period, except where we must retain limited information to meet legal or accounting obligations.

Two things are intentionally not deleted with your account. First, data you synced into your own connected apps (for example, rows in your Google Sheet) lives in those apps and is yours to manage there — deleting your chatbuk account does not remove it from them. Second, content you contributed into a shared workspace or organisation belongs to that space, not to you individually; it remains for the other members and can only be removed by the space's owner or an admin — not by an individual member.

We may also keep aggregated, de-identified statistics that cannot identify you, to understand and improve the product.

Your rights & choices

  • Access & export — request a copy of your records at any time.
  • Correction — edit any record by chat or in the app.
  • Deletion — delete individual records, a workspace, or your entire account.
  • Withdraw connections — disconnect any third-party app; we delete the tokens we stored and revoke them with the provider where supported.

To exercise any of these, use the in-app controls or contact us. Depending on where you live, you may have additional rights under laws such as the GDPR or India's DPDP Act; we honor them.

International data transfers

We may process data in countries other than your own. Where we do, we use appropriate safeguards for cross-border transfers.

Children

chatbuk is not directed to children under 16, and we do not knowingly collect their data.

Cookies

We use strictly-necessary cookies to keep you signed in and remember preferences (like light/dark theme). We do not use cross-site advertising trackers.

Changes to this policy

We may update this policy as the product evolves. For material changes we will notify you in-app. Continued use after an update means you accept the revised policy.

Contact

Questions or requests? Reach our team at hello@chatbuk.com or via the contact page.

Have a question about this page? Contact us. This document is provided for transparency and may be updated; material changes will be announced in-app.