We're committed to protecting your privacy and being transparent about how we collect, use, and safeguard your data.
Last Updated: November 28, 2025
This Privacy Policy describes how Bob ("we," "us," or "our") collects, uses, stores, and protects your personal information when you use our AI-powered chatbot service. Bob is designed to help you search and interact with your cloud storage files through intelligent conversations. By using our service, you agree to the collection and use of information in accordance with this policy.
When you create an account or use Bob, we collect information such as your name, email address, company information, and authentication credentials. This information is necessary to provide you with access to our AI chatbot services.
With your explicit consent, Bob connects to your cloud storage services (OneDrive, Google Drive) via OAuth 2.0 authentication. We only access files and folders you explicitly authorize. We do not store your cloud storage credentials; instead, we use secure OAuth tokens that can be revoked at any time.
We automatically collect information about your interactions with Bob, including chat messages, queries, search patterns, file access logs, feature usage, and system performance data. This helps us improve our service and provide better AI responses.
We use essential cookies for authentication and session management, functional cookies for user preferences and settings, and analytics cookies to understand how you use our service. You can control cookie preferences through your browser settings.
We use your information to provide AI-powered chat assistance, search and analyze your cloud storage files (only those you've authorized), maintain your account and preferences, and ensure system security and reliability.
Your data helps us improve AI model performance, develop new features and capabilities, optimize search and retrieval algorithms, and identify and fix technical issues.
We may contact you to send service updates and important notifications, respond to your support requests, share relevant product announcements, and notify you of security or privacy updates.
We process your data as necessary to comply with legal obligations, protect against fraud and abuse, enforce our terms of service, and respond to valid legal requests.
We implement industry-standard security practices including end-to-end encryption for data in transit (TLS/SSL), encryption at rest for stored data, secure OAuth 2.0 authentication flows, regular security audits and penetration testing, role-based access controls, and automated threat detection and monitoring.
Your data is stored on secure, enterprise-grade cloud infrastructure with redundant backups. Chat history and metadata are stored in encrypted databases. OAuth tokens are encrypted and stored separately from user data. We maintain comprehensive access logs for audit purposes.
We retain your personal information for as long as your account is active. Chat history is retained according to your subscription plan (typically 30-90 days). OAuth tokens are retained until you revoke access. Account deletion results in permanent data removal within 30 days.
Bob integrates with Microsoft OneDrive and Google Drive. When you authorize access, we connect to these services on your behalf. We only access the specific files and folders you authorize. Your relationship with these providers is governed by their respective privacy policies and terms of service.
We use advanced AI language models to power Bob's intelligence. Your queries may be processed by third-party AI providers under strict data processing agreements. We do not share your personal information with AI providers beyond what's necessary to generate responses. All AI processing is subject to confidentiality and security requirements.
We use trusted third-party services for cloud hosting and infrastructure, analytics and performance monitoring, error tracking and debugging, and customer support tools. All third-party processors are bound by data processing agreements and required to maintain appropriate security standards.
You have the right to access all personal information we hold about you and export your chat history and data in a machine-readable format. Contact us to request a copy of your data.
You can update your account information at any time through your settings. You may request deletion of your personal data, subject to legal retention requirements. Account deletion permanently removes all associated data within 30 days.
You can revoke Bob's access to your cloud storage at any time through your integration settings or directly through your cloud storage provider. Revoking access immediately stops our ability to access your files.
You may object to certain data processing activities. You can opt out of non-essential analytics and marketing communications. Contact our privacy team to exercise these rights.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, use, and share; the right to request deletion of your personal information; the right to opt-out of the sale of personal information (note: we do not sell personal information); and the right to non-discrimination for exercising your privacy rights.
To exercise these rights, contact us at the information provided at the end of this policy. We will verify your identity before processing your request. We aim to respond to all verified requests within 45 days.
Bob operates globally and may transfer your data across international borders. We ensure all international transfers comply with applicable data protection laws. We use standard contractual clauses approved by relevant authorities and implement appropriate safeguards for international data transfers.
For users in the European Economic Area (EEA), UK, or Switzerland, we comply with GDPR requirements including lawful processing bases, data minimization principles, and your rights as a data subject under GDPR.
Bob is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will delete it immediately. Parents or guardians who believe we have collected information from a child under 13 should contact us immediately.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of material changes via email or prominent notice in the application. Continued use of Bob after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.
We maintain a version history of our Privacy Policy. You can request previous versions by contacting our privacy team.
We use different types of cookies: Essential cookies (required for authentication and core functionality), Functional cookies (remember your preferences and settings), Analytics cookies (help us understand usage patterns), and Performance cookies (monitor system performance and reliability).
You can control cookies through your browser settings. Note that disabling essential cookies may impact your ability to use Bob. Most browsers allow you to refuse cookies, delete cookies, or notify you when a cookie is set.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us.
Bob Privacy Team
Email: privacy@bob.ai (placeholder)
Address: [Company Address - To be added]
Data Protection Officer: For GDPR-related inquiries, you may contact our Data Protection Officer at dpo@bob.ai (placeholder)