Awisol

Privacy Policy

Effective date: March 3, 2026  ·  Last updated: March 3, 2026

1. Introduction and Scope

This Privacy Policy describes how Adaptive Web Intelligence Solutions LLC ("Awisol," "we," "us," or "our") collects, uses, and protects personal information in connection with the Awisol AI Knowledge Engine platform (the "Service") and the marketing website at awisol.com.

This policy covers two groups of people:

  • Account holders — businesses and individuals who register for and use the Awisol platform.
  • Widget visitors — individuals who interact with an Awisol-powered chat widget embedded on a customer's website.

By using the Service you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2.1 Account Information

When you create an account we collect your email address, name, and either a password (stored as a bcrypt hash — never in plaintext) or a Google OAuth identifier. We also record your account creation date and your acceptance of our Terms of Use (timestamp and version). Billing information such as your payment method is handled directly by Stripe; we never store raw card numbers or full banking details.

2.2 Uploaded Documents

When you upload knowledge content (PDF, DOCX, TXT, Markdown) we collect the file itself and its extracted text. We also store document metadata: filename, upload date, processing status, and file size. Uploaded files are stored in private AWS S3 buckets; processed text chunks and vector embeddings are stored in our PostgreSQL database.

2.3 Chatbot Conversations

Questions submitted by your website visitors through the embedded chat widget and the AI-generated responses are stored and associated with your account. We also record which knowledge chunks were used to generate each answer and a session identifier for the conversation. Widget visitors are not required to create an account or provide any personally identifying information. We recommend that you advise your visitors not to submit sensitive personal data (such as financial account numbers, Social Security numbers, or health information) via the chat widget.

2.4 Analytics and Usage Data

We collect aggregate question counts, semantic intent clusters (groups of similar questions), and answer rates to power your analytics dashboard. We also capture internal API usage metrics — token counts, model, latency, and cost — for platform monitoring and billing purposes. Standard server logs include IP addresses, browser and operating system type, referring URL, and timestamps.

3. How We Use the Information

We use the information we collect to:

  • Provide, operate, maintain, and improve the Service;
  • Process your uploaded documents into searchable vector embeddings;
  • Generate AI-powered answers to visitor questions using your documents;
  • Send transactional emails — email verification codes, password reset links, billing receipts, and service notices — via SendGrid;
  • Detect and prevent abuse, spam, prompt injection, fraud, and other harmful activity;
  • Generate aggregate analytics to help you understand visitor intent and unanswered questions;
  • Monitor platform health and API usage for internal operational purposes;
  • Comply with applicable legal obligations.

We do not use your data for advertising or sell it to data brokers.

4. AI Processing and Third-Party Providers

The Service sends text to the OpenAI API to generate vector embeddings (for similarity search) and to generate chat responses. The data flow is:

Uploaded document text → our backend → OpenAI API → embedding vectors stored in our database; AI answer returned to the widget visitor.

We operate under OpenAI's API data processing terms. Your documents and visitor conversations are not used to train OpenAI's models. OpenAI retains API inputs and outputs for a limited period for abuse monitoring under their standard API terms (currently up to 30 days); zero-day retention is available under enterprise agreements.

We do not use your data to train our own AI models.

5. Data Storage and Retention

All data is stored in AWS infrastructure located in the United States.

  • Account and document data: retained for the duration of your account.
  • Post-termination: your content is deleted within 30 days after account termination or deletion (consistent with our Terms of Use §11).
  • Visitor chat messages: retained while your account is active; deleted along with your account.
  • Billing records: retained for up to 7 years for legal and accounting compliance.
  • Server logs: retained for up to 90 days.

You may request deletion of your personal data at any time (see Section 8).

6. Cookies and Analytics

  • Session cookies: used solely to maintain your authenticated session in the app dashboard. These are strictly necessary and expire when you log out or close your browser session.
  • Conversion tracking: we use conversion tracking pixels (Google, Meta) on the marketing website to measure the effectiveness of our advertising — for example, to know whether a click on an ad led to an account registration. These pixels may set third-party cookies on the marketing site. We do not use behavioral remarketing audiences or cross-site tracking on the app dashboard.
  • Widget visitors: the embedded chat widget does not set cookies on your visitors' browsers.
  • First-party analytics only: usage analytics displayed in your dashboard are derived from data stored in our own database. We do not use Google Analytics or similar third-party analytics tools on the app itself.

7. Data Sharing and Subprocessors

We do not sell your personal data. We share data only with the following subprocessors, and only to the extent necessary to operate the Service:

Subprocessor Purpose Location
OpenAI Embedding generation, AI response generation US
Amazon Web Services (AWS) File storage (S3), database hosting US
Stripe Payment processing US
SendGrid (Twilio) Transactional email delivery US

We may also disclose information if required to do so by law or in the good-faith belief that such disclosure is necessary to comply with legal obligations, protect and defend our rights or property, or protect the safety of our users or the public.

8. Your Rights

All users

  • Access: request a copy of the personal data we hold about you.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion of your account and associated personal data.
  • Data portability: request your data in a machine-readable format.

EU / EEA users (GDPR)

You additionally have the right to restrict processing, object to processing based on legitimate interests, and lodge a complaint with your local supervisory authority. Our lawful basis for processing is performance of a contract (providing the Service to you) and legitimate interests (security, abuse prevention, and service improvement).

California users (CCPA)

You have the right to know what categories of personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, email us at info@awisol.com. We will respond within 30 days.

9. Security Practices

  • All data transmitted over TLS/HTTPS.
  • Passwords stored as bcrypt hashes — never in plaintext.
  • Database access restricted to application servers; not publicly accessible.
  • AWS S3 files stored in private buckets; accessed via time-limited presigned URLs.
  • JWT authentication tokens expire after 24 hours.
  • We conduct periodic security reviews and promptly address known vulnerabilities.

No method of electronic transmission or storage is 100% secure. While we implement commercially reasonable safeguards, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes, we will provide at least 30 days' prior notice by email to the address associated with your account and by updating the "Last updated" date at the top of this page. Non-material changes (such as typographical corrections or clarifications that do not affect your rights) may be made without notice.

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy. If you do not agree to the updated policy, you must discontinue use of the Service.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Adaptive Web Intelligence Solutions LLC
2108 N ST #8448
Sacramento, CA 95816-5712
info@awisol.com