
We recognize that your privacy is very important and take it seriously. This Privacy Policy describes the policies and procedures of ChatBucket ("ChatBucket", "we", "us", or "our") regarding the collection, use, and disclosure of your information when you use our platforms, mobile applications, APIs, and related services (collectively, the "Services"). It also informs you about your privacy rights and how the law protects you.
By using our Services, you consent to the collection, use, and disclosure of your information in accordance with this Privacy Policy. We will not use or share your Personal Data with anyone except as described in this Privacy Policy.
Capitalized terms not defined in this Privacy Policy have the meanings given to them in our Terms of Use.
With that in mind, this Privacy Policy is designed to describe:
This Privacy Policy is intended to meet our duties of transparency under the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), China's Personal Information Protection Law (PIPL), and India's Digital Personal Data Protection Act (DPDP Act).
We will post any modifications or changes to this Privacy Policy on this page.
Who we are: ChatBucket is a company registered in India (referred to as "ChatBucket", "we", "us", or "our" in this Privacy Policy).
Our address is Plot No. 106, Shalivahana Nagar Road, Srinagar Colony, SBH Colony, Yousufguda, Hyderabad, Telangana 500073, India.
How to contact us: For general support, privacy-related inquiries, or data subject requests, please contact us at: hello@ChatBucket.business.
It is important that you identify which relationship(s) you have with ChatBucket to understand our data protection obligations and your rights under this Privacy Policy.
"Visitor/Prospect" An individual who visits our website, reviews documentation, or interacts with our marketing pages without creating an account.
For this data, ChatBucket is a data controller.
"User" An individual who creates or uses a ChatBucket account (e.g., developer, merchant admin, operator, or team member) and interacts directly with our apps, dashboards, SDKs, or APIs.
For this data (account, usage, support, billing), ChatBucket is a data controller.
"Customer (Merchant/Developer Organization)" A business entity that contracts with ChatBucket to use our platform and developer tools.
For data we collect about the Customer's representatives (e.g., admins, developers, finance contacts), ChatBucket is a data controller.
"End User (Processed via a Customer)" An individual whose Personal Data is submitted to ChatBucket by a Customer through our Services (for example, via API/SDK, webhooks, or integrations the Customer enables, such as messaging apps or KYC providers). In these cases, ChatBucket processes Personal Data on behalf of the Customer and is a data processor (or sub-processor, where applicable) under our Data Processing Agreement (DPA). The Customer is the data controller for such End-User Personal Data.
Hereinafter, we may refer to Customers and Users collectively as "You".
Under GDPR, CCPA, PIPL, and DPDP Act, you may have certain rights concerning your Personal Data, including:
Access to Personal Data
You can request a copy of your Personal Data and verify lawful processing.
Correction (Rectification) of Personal Data
You can ask us to correct any incomplete or inaccurate Personal Data we hold.
Erasure (Deletion) of Personal Data
You can request deletion of your Personal Data where there is no legal reason to keep it. Under CCPA, you can request deletion unless a relevant exception applies (e.g., legal obligations).
Objection to Processing
You may object to processing where we rely on 'legitimate interest.' Under CCPA, you can also opt out of 'selling' your Personal Data if we engage in such practices.
Restriction of Processing
You may request that we suspend or limit processing of your Personal Data in certain circumstances.
Data Portability
You can request your Personal Data in a structured, commonly used, machine-readable format.
Withdrawal of Consent
If you have provided consent, you can withdraw it at any time (though this does not affect processing carried out before withdrawal).
Non-Discrimination (CCPA)
California residents have a right not to receive discriminatory treatment for exercising privacy rights.
If You wish to exercise any of these rights, please contact us at hello@ChatBucket.business. We may request additional information to verify your identity. Typically, we aim to respond to requests within 30 days. In some cases, this period may be extended if Your request is complex or if multiple requests are made. We will inform You if more time is needed.
Contact us at hello@ChatBucket.business. We may request additional information to verify Your identity. We typically respond within 30 days or in accordance with local law.
We may process Personal Data relating to the following groups, depending on how you use ChatBucket and which features/integrations you enable:
We may process your personal data received directly from You or from other sources. Therefore, Your personal data may be processed:
ChatBucket uses Personal Data to provide and secure the Services, comply with law (e.g., KYC/AML where applicable), and improve reliability and support.
We collect information in three ways: (1) when you provide it to us, (2) automatically through operating our Services, and (3) from outside sources you connect or that support our compliance and operations.
The amount and type of information depends on your use of the Services and features you enable:
We also collect some information automatically:
We may create and use aggregated, de-identified data for analytics, benchmarking, and service improvement. Aggregated data does not identify you. If we ever combine or connect aggregated data with Personal Data so it can identify you, we treat the combined data as Personal Data.
Our Services are not directed to, and we do not knowingly collect information from, children under the age of 18. If you believe that a child under 18 may have provided us with Personal Information, please contact us.
Information that You choose to make public can be disclosed publicly.
That means, of course, that information like any content that you make public on Your website is all available to others. Public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what You would like to share.
ChatBucket may collect non-personally identifiable information regarding your usage of our websites and platforms, including the pages You viewed, demographic data such as server locations, and other information that does not identify You. Like most online services, we also use cookies and other technologies that may collect Personal Data.
What are cookies? When you visit the Services, we may send one or more "cookies" – small data files – to Your computer to uniquely identify your browser and let ChatBucket help you enhance your navigation through the Site. A cookie may convey anonymous information about how you browse the Services to us so we can provide you with a more personalized experience, but does not collect personal information about you. A persistent cookie remains on your computer after you close your browser so that it can be used by your browser on subsequent visits to the Service. Persistent cookies can be removed by following your web browser's directions. A session cookie is temporary and disappears after you close your browser.
What types of cookies do we use? Our websites use the following types of cookies for the purposes set out below:
| Type of Cookie | Purpose |
|---|---|
| Essential Cookies | These cookies are essential to provide you with services available through our Websites and to enable you to use some of its features. For example, they help the content of the pages you request to load quickly. |
| Security Cookies | These cookies enable and support our security features, and to help us detect malicious activity. |
| Functionality Cookies | These cookies allow our Websites to remember choices you make when you use our Websites, such as remembering your preferred language. |
How can I disable cookies? You can typically reset your web browser to refuse all cookies or to notify you when a cookie is being sent. In order to do this, follow the instructions provided by your browser (usually located within the "settings", "help" "tools" or "edit" facility). Many browsers are set to accept cookies until you change your settings.
If you do not accept our cookies, you may experience some inconvenience in your use of our Services and some features of the Service may not function properly.
We automatically collect certain information about how You use and navigate our Services (e.g., IP address, browser type, device data). We use these logs for troubleshooting, security monitoring, and usage statistics.
We generally use Personal Data for various purposes, including delivering and improving our Services, managing our platforms, and providing customer and technical support. Additionally, we utilize this data for conducting research and analysis about our Platform, verifying user identity, and preventing fraud or other unauthorized or illegal activities. Our use of Personal Data also extends to enforcing or exercising any rights outlined in our Services Agreements.
We have set out below, more detailed examples of relevant purposes for which we may use your Personal Data.
| Purpose | Why do we do this |
|---|---|
| Providing, updating, and maintaining our Services, and business | To deliver the Services you have requested, including but not limited to: creating and managing Your account, authentication, feature enablement, API/SDK/webhooks, fraud/abuse prevention, and verifying identity (KYC). |
| Research and development | To enable us to improve the Services and better understand our customers and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns, areas for additional features and improvement of the Services and other insights. We also test and analyze certain new features with some users before introducing the feature to all users. |
| Communicating with users about the Services | To send communications via email, including, for example, responding to your comments, questions and requests, providing customer support, and sending you technical notices, service updates, security alerts. We may also provide tailored communications based on your activity and interactions with us. |
| Providing customer and technical support | To respond to your requests for assistance, comments and questions, to analyze crash information, to repair and improve the Services and provide other customer support. |
| Enhancing security | To keep our Services and associated systems operational and secure, including, for example, verifying activity, monitoring and investigating suspicious or fraudulent activity and to identify violations of our terms and policies. |
| To comply with applicable law, legal process and regulations and protect legitimate business interests | As we believe is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organization or audit or to protect the safety of any person, to address fraud, security issues, or to protect our legal rights, interests and the interests of others. |
We don't engage in solely automated decisions with legal/similarly significant effects without required safeguards; where automated signals are used (e.g., fraud/KYC), you can request human review where the law provides.
ChatBucket builds AI-powered communication features (translation, transcription, captions, voice synthesis, sign-language interpretation, summarization, and intelligent agents). We treat customer privacy and confidentiality as a foundational principle in our model development practices.
| Recipients | Why we share it |
|---|---|
| Our Third Party Sub-Processors | Our subprocessors may access your Personal Data to help us develop, maintain and provide our Services and help manage our customer relationships. |
| Service Providers | Our service providers provide us support for our Services, including, for example, development tools, hosting, maintenance, backup, storage, virtual infrastructure, analysis, compliance reviews, banking services, and other services for us, which may require them to access or use Personal Data about You. |
| Professional Advisers | Our lawyers, accountants and consultants may need to review Your personal data to provide consultancy, compliance, banking, legal, insurance, accounting and similar services. |
| Legal and Taxing Authorities, Regulators and Participants in Judicial Proceedings | We may disclose Your Personal Data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, rule of a self-regulatory organization or audit or to protect the safety of any person, to address fraud, security or technical issues, or to protect our legal rights, interests and the interests of others, such as, for example, in connection with the acquisition, merger or sale of securities or a business (e.g., due diligence). |
With Your Consent. We may share and disclose information with Your consent or at Your direction. For example, we may share Your information with third parties with which You authorize us to do so.
ChatBucket builds AI-powered communication features (translation, transcription, captions, voice synthesis, sign-language interpretation, summarization, and intelligent agents). We treat customer privacy and confidentiality as a foundational principle in our model development practices.
ChatBucket aims to respect customer privacy and confidentiality in its model development practices. We do not use customer private conversations, end-to-end encrypted communications, or enterprise customer business content to train public, shared, or third-party AI models, except where (i) you have provided explicit, opt-in contractual consent, (ii) it is required to deliver a feature you have specifically requested, or (iii) it is necessary for security, fraud prevention, or platform integrity. Specific training arrangements, where applicable, are governed by your Order Form, Data Processing Agreement (DPA), or product-specific terms.
Aggregated, de-identified, or anonymized telemetry and operational metrics may be used to improve platform reliability, performance, security, abuse detection, and overall service quality. Such data does not identify any individual or customer.
AI Outputs (translations, transcriptions, voice synthesis, summaries, etc.) may contain inaccuracies, delays, omissions, or unintended interpretations. Users are responsible for reviewing and verifying AI Outputs before relying on them for business, legal, medical, financial, compliance, or operational purposes. AI features may be updated, retrained, or discontinued without prior notice.
We do not engage in solely automated decision-making with legal or similarly significant effects without required safeguards. Where automated signals influence consequential outcomes (e.g., fraud or KYC determinations), you may request human review where applicable law provides.
We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including those specified under 'How We Use Your Personal Data and Why'. This includes:
We may also retain data beyond the termination of your contract for the duration necessary to pursue legitimate business interests, conduct audits, or fulfill regulatory obligations.
After the applicable retention period, we securely delete or anonymize any Personal Data that is no longer required.
We currently operate and contract in India. Production workloads are hosted primarily in AWS India regions (e.g., Hyderabad/ap-south-2), with DigitalOcean used as needed under the cloud shared-responsibility model. End-to-end encrypted messaging/calls are not stored server-side; we retain only limited-service data. Backups are encrypted; any cross-region storage is selected to meet contractual/regulatory obligations.
We also rely on certain vetted service providers (e.g., Cloudflare for security/CDN; Google Workspace/Drive for internal storage) under data-processing terms. These providers can be configured to meet cross-border safeguards and do not change our commitment to minimize personal data at rest.
EU/UK residents. When we process EU/UK personal data outside the EEA/UK, we use approved transfer tools (e.g., the EU Standard Contractual Clauses and UK addendum) and apply data-minimization, encryption, and short retention.
California residents. CCPA does not mandate U.S. storage. Where personal information is transferred cross-border, we ensure downstream service providers honor CCPA obligations and consumer rights (access, deletion, correction, opt-out/limit).
China (PIPL). If we process personal information of individuals in China and transfer it overseas, we will obtain required consents and rely on PIPL-compliant mechanisms (e.g., CAC security assessment where thresholds apply, or China-recognized standard contracts where permissible). We will also honor PIPL rules for sensitive data and automated decision-making. (We do not target the PRC at launch.)
India (DPDP Act). The DPDP Act currently permits cross-border transfers in principle unless restricted by future government notifications. For Indian users today, encrypted KYC data is stored in India; other processing follows data-minimization and reasonable security safeguards.
Notes on residency choices. Where customers, regulations, or payment rails require residency (e.g., India UPI data), we keep data in-country. Otherwise, region selection and any mirrored/backup locations are configured to satisfy applicable law, contractual commitments, and security best practices.
ChatBucket employs industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of Your personal information. Access to Your Personal Data is restricted to employees and other staff with a business need for such access, all of whom are bound by a contractual duty of confidentiality.
We conduct periodic reviews of our policies and procedures to assess their effectiveness and ensure they remain up-to-date. Additionally, we have established procedures to address any actual or suspected Personal Data breaches.
It's important to note that ChatBucket cannot guarantee the protection, control, or management of your Personal Data as outlined in this Privacy Policy if You share Your login and password information with any third party, including those operating websites or providing other services.
Our Services may contain links to external sites not operated or controlled by ChatBucket. We are not responsible for their content, accuracy, or privacy practices. Once You navigate away from our Services, this Privacy Policy no longer applies. We encourage You to read the privacy policies of those third-party websites to learn how they collect and process Your information.
If you are a Customer integrating our Services to manage Personal Data of Your end users:
We reserve the right, at our sole discretion, to modify, add, or remove portions of this Privacy Policy at any time. Any changes become effective immediately upon posting on this page. We encourage You to periodically review this Privacy Policy. If we make material changes, we may notify you by email or post a prominent notice on our Platform prior to the change becoming effective.
Live Limitless
hello@chatbucket.businessSmarter conversations
start here Early access. New features. Updates

@ 2026 ChatBucket. All rights reserved