Privacy policy
This policy explains how Blaigent AI ("Blaigent", "we", "our") collects, uses, stores, and protects personal data when customers and their end-users interact with the Blaigent platform. It applies to our dashboard, widgets, APIs, voice channels, and all integrations we ship.
1. Controller vs. processor
For personal data that our customers route through Blaigent (for example, messages from their end-customers, voice recordings, contact records), the customer is the data controller and Blaigent is the processor. We process that data under a Data Processing Addendum (DPA) on the customer's documented instructions.
For the Blaigent marketing site, sign-up flow, billing, and support interactions, Blaigent is the controller of the limited account / billing data we collect directly from our customers.
2. What data we collect
- Account data: email, name, organization, password hash, workspace settings.
- End-customer conversations: text messages, voice recordings and transcripts, uploaded attachments, language detected, channel (web, WhatsApp, Telegram, Instagram, voice, email).
- Contact information that end-customers provide to our customers' agents: phone number, email, order number, delivery address.
- Agent trace metadata: intents classified, policies fired, tools called, LLM model used, latency, token counts. Used to debug and improve the agent.
- Product usage: API calls, dashboard events, feature flags.
- Billing data: plan, invoice history, payment method (tokenised by Stripe — we never see raw card data).
- Cookies & analytics: session ID, page views, device / browser hints, IP-derived country (no precise geolocation). Only set after affirmative consent.
3. Legal basis
- Contract (GDPR Art. 6(1)(b)): to deliver the Blaigent service to you and your end-customers.
- Legitimate interests (Art. 6(1)(f)): to keep the service secure, prevent abuse, and improve the platform with aggregated / anonymised signals.
- Consent (Art. 6(1)(a)): for non-essential cookies, marketing communications, and optional analytics.
- Legal obligation (Art. 6(1)(c)): to keep invoices, tax records, and privacy-consent evidence for statutory periods.
4. Subprocessors
We rely on the following subprocessors to deliver Blaigent. All are bound by a DPA and, where applicable, Standard Contractual Clauses (SCCs) for EU → non-EU transfers.
| Subprocessor | Purpose | Location |
|---|---|---|
| Groq | LLM inference (classification, generation) | US |
| Supabase | Managed PostgreSQL database | EU (primary) / US |
| Railway | Application hosting | US |
| Stripe | Payments and billing | US / EU |
| Twilio | SMS, voice PSTN termination | US |
| Deepgram | Speech-to-text | US |
| ElevenLabs | Text-to-speech voices | US |
| Cartesia | Low-latency text-to-speech | US |
| Google Cloud | TTS / STT backup providers, Gemini | US / EU |
| Daily.co | Real-time voice transport (WebRTC) | US |
| Twilio | Programmable Voice telephony & SMS | US / EU |
| Brevo | Transactional email | EU |
| HubSpot | CRM integration (optional, per-client) | US / EU |
| Shopify | E-commerce integration (optional, per-client) | US / EU |
5. Data retention
Retention windows are driven by the plan the customer is on. Older conversation data is purged on a rolling basis; consent records are preserved for as long as the applicable law requires.
| Plan tier | Conversation & trace retention |
|---|---|
| Free / Starter | 30 days |
| Growth | 90 days |
| Scale | 365 days |
| Enterprise | Unlimited (subject to contractual cap) |
Privacy consent records are retained for the lifetime of the account plus any statutory period required. Billing records are retained for the period required by applicable tax law (typically 5–10 years).
6. Data subject rights
Subject to applicable law, data subjects have the following rights over their personal data: access, rectification, erasure, restriction of processing, portability, and objection. For personal data processed by Blaigent as a processor, requests should be directed to the controller (our customer); we will assist the controller in fulfilling the request.
Blaigent customers can exercise DSAR (Data Subject Access Request) rights on behalf of their end-customers via our platform:
POST /api/v1/privacy/dsar/preview— preview what data exists for an end-customer (owner or admin).POST /api/v1/privacy/dsar/delete— irreversibly erase matching data (owner only, requires two-step token confirmation).GET /api/v1/privacy/dsar/export— export a JSON bundle for portability (owner or admin).
7. International data transfers
Where personal data is transferred outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses (SCCs) plus supplementary technical measures (encryption in transit, encryption at rest, access controls). A list of our current subprocessors and their locations is in section 4.
8. Security measures
- Encryption in transit: TLS 1.2+ on all public endpoints.
- Encryption at rest: AES-256 via managed database encryption.
- Server-side request forgery (SSRF) protection on outbound integrations.
- Admin audit logs: every privileged operation (data views, DSAR exports / deletions, retention cleanups) is recorded with a viewer identity, IP, timestamp, and resource reference.
- Role-based access control inside the dashboard (owner, admin, agent, viewer).
- Row-level isolation between organizations at the database layer; a planned two-phase rollout enforces PostgreSQL Row-Level Security (RLS) across tenant tables.
- Multi-factor authentication: MFA for Blaigent staff; customer MFA on the roadmap.
- Least-privilege access for Blaigent staff, reviewed regularly.
9. Cookies
We set a small number of strictly necessary cookies for session and security. Analytics / preference cookies are only set after affirmative consent via the cookie banner.
10. Contact & Data Protection Officer
Privacy questions, DSAR requests on your own data, or complaints can be
sent to privacy@blaigent.ai.
If you believe we have not handled your data properly you have the right
to lodge a complaint with your local supervisory authority.
11. Changes to this policy
We will update this page when our practices change materially. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will also be announced in-app or by email to workspace owners.