1 Collection of Personal Data
By accessing or utilizing the Echvio platform, we may collect the following categories of information:
- Account Credentials: Full name, active corporate email address, secure password hashes, and payment tokens handled securely directly by Stripe.
- Visitor Details: Information submitted dynamically in the pre-chat forms (typically visitor name and email) and all sent chat logs.
- Technical Metadata: Client IP address, browser user-agent, operating system, and language state indicators.
2 How We Process Your Information
Data processing by Echvio is guided strictly by operational requirements:
- Real-Time Delivery: Leveraging WebSockets to transmit chat messages between agents and visitors with zero latency.
- AI Chatbot Operations: Performing vector inquiries on questions to retrieve corresponding replies from the custom knowledge database provided by the admin.
- Abuse Prevention: Reviewing connection logs to protect against unauthorized modifications or API key compromise.
- Usage Tracking: Calculating token consumption for AI calls and managing ongoing Stripe subscriptions.
3 Data Sharing Protocols
Privacy Promise: We never lease, trade, or sell customer databases or conversational histories to third-party marketing networks.
Data is solely shared for credit card processing under PCI-DSS compliance using **Stripe Inc.**, safeguarding transaction flows via high-grade tokenization.
4 Cloudflare Edge Serverless Hosting
Echvio operates completely serverless, deployed globally on **Cloudflare, Inc.**'s edge network.
Conversations, custom widgets, and configuration settings are fully stored and queried across distributed **Cloudflare D1**, **Cloudflare KV**, and **Durable Objects** datastores. This ensures absolute physical redundancy, reducing data loss risks and ensuring maximum regional compliance and performance.
5 GDPR & User Data Rights
If your organization or final visitors are residents of the EU or Brazil, we extend full compliance with **GDPR** and **LGPD** frameworks:
- Access and Portability: Obtain details on exactly what personal data is recorded under your account.
- Rectification: Easily update obsolete profile parameters directly from the dashboard screens.
- Erasure (Right to be Forgotten): Permanently close your account, automatically deleting all linked widgets, billing histories, and chat logs from our serverless registers in cascade.
6 Technical Security and Cookies
Essential Cookies: Our web app uses strict, functional cookies to store session states, interface languages (`chat_lang`), and active UI themes. We do not use persistent advertising trackers.
Encryption in Transit: All data packets, including dashboard updates, secret credentials, and active WebSocket streams, are served strictly over secure connections using modern TLS configurations (HTTPS and WSS).