Privacy Policy

Last updated: May 20, 2026. We take the protection and privacy of your data extremely seriously.

1 Collection of Personal Data

By accessing or utilizing the Echvio platform, we may collect the following categories of information:

  • Account Credentials: Full name, active corporate email address, secure password hashes, and payment tokens handled securely directly by Stripe.
  • Visitor Details: Information submitted dynamically in the pre-chat forms (typically visitor name and email) and all sent chat logs.
  • Technical Metadata: Client IP address, browser user-agent, operating system, and language state indicators.

2 How We Process Your Information

Data processing by Echvio is guided strictly by operational requirements:

  • Real-Time Delivery: Leveraging WebSockets to transmit chat messages between agents and visitors with zero latency.
  • AI Chatbot Operations: Performing vector inquiries on questions to retrieve corresponding replies from the custom knowledge database provided by the admin.
  • Abuse Prevention: Reviewing connection logs to protect against unauthorized modifications or API key compromise.
  • Usage Tracking: Calculating token consumption for AI calls and managing ongoing Stripe subscriptions.

3 Data Sharing Protocols

Privacy Promise: We never lease, trade, or sell customer databases or conversational histories to third-party marketing networks.

Data is solely shared for credit card processing under PCI-DSS compliance using **Stripe Inc.**, safeguarding transaction flows via high-grade tokenization.


4 Cloudflare Edge Serverless Hosting

Echvio operates completely serverless, deployed globally on **Cloudflare, Inc.**'s edge network.

Conversations, custom widgets, and configuration settings are fully stored and queried across distributed **Cloudflare D1**, **Cloudflare KV**, and **Durable Objects** datastores. This ensures absolute physical redundancy, reducing data loss risks and ensuring maximum regional compliance and performance.


5 GDPR & User Data Rights

If your organization or final visitors are residents of the EU or Brazil, we extend full compliance with **GDPR** and **LGPD** frameworks:

  • Access and Portability: Obtain details on exactly what personal data is recorded under your account.
  • Rectification: Easily update obsolete profile parameters directly from the dashboard screens.
  • Erasure (Right to be Forgotten): Permanently close your account, automatically deleting all linked widgets, billing histories, and chat logs from our serverless registers in cascade.

6 Technical Security and Cookies

Essential Cookies: Our web app uses strict, functional cookies to store session states, interface languages (`chat_lang`), and active UI themes. We do not use persistent advertising trackers.

Encryption in Transit: All data packets, including dashboard updates, secret credentials, and active WebSocket streams, are served strictly over secure connections using modern TLS configurations (HTTPS and WSS).

© 2026 Echvio. All rights reserved.