BBob
Sign inGet started

Privacy Policy

Last updated: 2026-06-20

Who we are

Bob is operated by ai5labs Research OPC Pvt Ltd (India). Bob is an AI front-desk assistant for businesses: it answers your website chat, email, and intake forms, books appointments, captures customer details, and drafts messages for your approval. This policy explains what data Bob handles and how.

What we store

  • Your account — email, optional name, and your business profile (name, hours, pricing, policies, tone). Kept while your account is active.
  • Knowledge & skills — the documents and skill settings you add so Bob can answer in your words.
  • Customer data — conversations a customer has with Bob (web chat, email, or a connected channel), and the records Bob captures (contacts, leads, bookings). This is your data; you can browse, export, or delete it from the dashboard.
  • Review — the drafts Bob prepares and your send/cancel decisions (which also help Bob learn your voice).
  • Billing — subscription status and redacted payment metadata. Retained 7 years as financial records.
  • Logs — IP, user agent, and timestamps for security and abuse prevention. Retained 30 days.

How Bob uses AI

To understand a customer message and draft a reply, Bob sends the message and the relevant business knowledge to an AI model provider. Anything that sends an email, books an appointment, or otherwise acts can be held for your approval first. We do not sell your data or your customers' data, and we do not use it to train our own models.

Sub-processors

  • Supabase— database & authentication
  • Vercel— website & dashboard hosting
  • Fly.io — backend service hosting
  • AI model providers (e.g. Anthropic, OpenAI) — generate Bob's replies; they do not retain your data for training under our agreements
  • Email & messaging providers — deliver email on your domain and messages through the channels you connect (e.g. Slack, WhatsApp, Twilio)
  • Dodo Payments — merchant-of-record for subscriptions (receives billing email, address, payment method)

Your rights

Under GDPR (EU), DPDP (India), CCPA (California), and similar laws you can access, export, correct, delete, or restrict processing of your data. You can export or delete records from the dashboard, or email privacy@ai5labs.com and we will respond within 30 days. Deleting your account removes your profile, knowledge, records, and conversations.

Security

  • TLS on every connection; data encrypted at rest.
  • Row-level security so each business can only ever see its own data.
  • Customer-facing actions use review controls by default.
  • Connector secrets (Slack, WhatsApp, etc.) stored encrypted.

This is a plain-language summary while Bob is in beta; final terms will be drafted with counsel. We announce material changes at least 30 days before they take effect.