Trust & Security
GDPR & privacy
When your AI agent talks to your website visitors, it can handle personal data. This page explains, in plain terms, who is responsible for that data, what the agent may collect, the providers involved, and the practical steps you can take to delete data or answer a privacy request.
Ultimo Bots is built and run by a Switzerland-based company and is used by customers in the EU, the UK, and elsewhere, so the General Data Protection Regulation (GDPR) and similar laws may apply to how you use it. The good news is that most of what GDPR asks of you maps onto a few concrete actions in the product, plus knowing who to contact for the rest.
Who is the controller and who is the processor
GDPR splits responsibility between two roles, and it matters which one you are:
- You are the data controller. Your website and your agent are yours. You decide to collect visitor messages and contact details, and you decide what to do with them afterwards. That makes you responsible for having a lawful basis, for telling visitors what you collect (your own privacy notice), and for honouring their requests.
- Ultimo Bots is the data processor. We store and process that data on your behalf, to run the service you asked for. We act on your instructions and do not use your visitors' conversations to sell to third parties or to train our own models.
In short: the people in your conversations and leads are your contacts, not ours. We hold them so your agent can do its job, and you stay in control of them.
What personal data the agent may collect
How much personal data is involved depends on how you configure your agent and on what visitors choose to type. In practice it comes down to two things: the conversation itself, and any contact details captured as a lead.
- Conversation messages. The agent stores the chat between a visitor and your agent so you can review it later in Conversations and so the lead inbox can show the chat that produced a lead. A visitor may type personal information into a message, so treat transcripts as potentially containing personal data.
- Captured leads. When the agent turns a conversation into a contact, it saves the fields the visitor shared, typically a name, an email address, and a phone number, plus any custom fields you configured. These appear in Leads. See that page for exactly how capture works.
- Basic technical details. To run the chat and your analytics, the agent also records ordinary technical data tied to a conversation, such as an approximate country derived from the visitor's network address. Country-level analytics appear in Insights.
Your own account details (your name, email, and password) and your knowledge base are covered separately on the Data security page.
Providers involved (sub-processors)
To run your agent, Ultimo Bots relies on a small set of named providers that process data on our behalf. These are our sub-processors. The table below lists who they are and what they handle, so you can include them in your own records of processing.
| Provider | Role | What it handles |
|---|---|---|
| Microsoft Azure | Hosting and storage | Runs the Ultimo Bots application and database, where conversations and leads are stored, and holds files you upload as knowledge. |
| OpenAI | AI responses | Generates your agent's answers. At reply time, the visitor's message and the knowledge needed to answer it are sent to OpenAI. |
| Pinecone | Knowledge search | Stores the searchable index of your knowledge base so the agent can find the right passage to answer with. Each agent has its own isolated namespace. |
| Google (Gmail API) | Email delivery | Sends transactional and notification emails, such as new-lead alerts and account emails, which can include a lead's contact details and a conversation excerpt. |
| Stripe | Billing | Processes subscription payments. Your billing details are entered into Stripe's secure checkout. Visitor and lead data are not sent to Stripe. |
| IP geolocation provider | Approximate location | Looks up an approximate country from a visitor's network address so your country-level analytics work. It receives the network address only, not the conversation or any contact details. |
| Logging and monitoring provider | Diagnostics | Receives application logs and error reports that help us keep the service running. Logs can include technical details tied to a request, so we keep them to what is needed to operate and troubleshoot. |
These are the core providers for running the service. Connected sources and channels that you choose to enable, for example a Google Drive or OneDrive import, or a messaging channel, also involve the relevant provider for that integration. For the providers tied to the AI experience specifically, see the hosting section on the Data security page.
How to delete personal data
You can remove personal data yourself from the dashboard. Which action you take depends on whether you want to remove one record or everything tied to an agent.
| To remove | Do this | What is removed |
|---|---|---|
| A single lead | Open Leads and use the trash icon on the row, or select several and delete in bulk. | The lead record and its captured contact fields. The originating conversation transcript is kept (see the note below). |
| A whole agent | Delete the agent from your agent list. See Manage agents. | The agent and the data attached to it, including its leads, its knowledge base, and its live chat sessions. |
| Your whole account | Contact the team to have your account and its agents closed and removed. | Your account, your agents, and the data attached to those agents. |
Handling a visitor data request
If one of your visitors asks you to access, correct, or delete their data (a data-subject request under GDPR), you handle it as the controller. Ultimo Bots gives you the tools to find and act on the record:
Find the person
Look them up in Leads by their name or email, or in Conversations if they only chatted. The lead view shows the contact details captured and the conversation behind them.
Give them their data (access request)
To produce a copy of what you hold, use the Export option on the Leads view to download the lead and its transcript as a spreadsheet, then share the relevant part with the person. There is no one-click "send everything to this visitor" feature, so you assemble the response from these exports.
Delete or correct it (erasure request)
Delete the lead from the Leads view. To also remove the underlying conversation, or to erase every record for one person across several conversations, contact the team with the details and we will remove them, since deletion in the product is per record and there is no delete-by-email tool today.
Requesting a DPA or asking a privacy question
Under GDPR, a controller and a processor should have a data processing agreement (DPA) in place. If your organisation needs one, or you have any other privacy or data-protection question, the right step is to reach out so a person can handle it directly. We do not have a self-serve, click-to-sign DPA in the product today.
- To request a DPA, email build@ultimo-bots.com and tell us the legal name of your company. We will take it from there.
- For any other privacy question, including the current sub-processor list, where data is stored, or how a specific case should be handled, email the same address or see Help & support for all the ways to reach us.
Where to go next
Privacy and security go together. To see how data is protected and where it is hosted, or to work directly with the records this page refers to, follow these: