top of page

Privacy Policy

Introduction

Potential AI Inc. ("we," "our," or "us") is committed to protecting the privacy of our customers and their users. This Privacy Policy explains how we collect, use, store, and disclose information when businesses ("Customers") use our AI-powered chatbot solutions for sales, customer support, and employee and customer engagement.

By using our services, Customers agree to the collection and use of information in accordance with this policy.

Scope

This Privacy Policy applies to our web-based platform and any related services provided to our Customers. It covers personal data collected from businesses that use our AI solutions and sets forth your privacy rights.

 

Contacting Us About Data Protection

Potential is headquartered in New York, NY. For any inquiries or concerns regarding our personal data policies, practices, or if you wish to exercise your privacy rights, please feel free to reach out directly. Our team is committed to assisting you with any questions you might have and ensuring your data is handled with the utmost care and respect.

 

Privacy Team Contact Information:

privacy@potential.tech

 

Information We Collect 

We collect personal information about our website visitors and customers. With a few exceptions, the information is generally limited to: 

  • Name

  • Email

  • Company name 

  • Job title

We use this information to provide prospects and customers with services. We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

Use of Potential’s Website

As is true of most other websites, Potential’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Potential’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

Potential has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Potential with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.

 

Cookies and tracking technologies
Potential makes available a comprehensive Cookie Notice that describes the cookies and tracking technologies used on Potential’s website and provides information on how users can accept or reject them. To view the notice, just click Cookie Notice.

 

Data Sharing and Disclosure

We do not sell or rent personal information. We may share data in the following circumstances:

  • With Service Providers: We may engage third-party vendors to assist with hosting, analytics, payment processing, and other business functions.

  • For Legal Compliance: We may disclose information if required by law, regulation, or a legal process.

  • For Business Transactions: In the event of a merger, acquisition, or sale of assets, data may be transferred to the new entity.

Data Protection

Mechanisms We implement industry-standard security measures to protect data from unauthorized access, loss, or misuse. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

We implement robust data protection mechanisms to safeguard your sensitive information:

  • Encryption: All customer data is encrypted using industry-standard encryption algorithms both at rest and in transit.

  • Access Control: We employ user roles and permissions to ensure that only authorized personnel can access sensitive data.

  • Rate Limiting: To protect against abuse, we implement rate limiting on our chatbots, controlling the number of requests per user.

  • Domain Allowlist: We provide controls to specify which domains your chatbot can be embedded on, adding an extra layer of security.

  • Infrastructure Security: Our database and application run on AWS infrastructure (us-east-1), managed by reputable providers including Supabase, Vercel, and Pinecone.

  • Compliance: We are GDPR compliant and are in the process of obtaining SOC 2 compliance to further strengthen our security measures.

  • No AI Training: We do not use your data to train AI models. We use Retrieval-Augmented Generation (RAG) to generate responses without compromising your data.

 

Cookies and Tracking Technologies

We use cookies and similar technologies to improve functionality and user experience. Customers can manage cookie preferences through their browser settings.

International Data Transfers

Information we collect about you will be processed in the United States. By using Potential’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, Potential is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, Potential also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Potential in a manner that does not outweigh your rights and freedoms. Potential aims to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Potential and the practices described in this Privacy Statement. Potential also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Potential has received zero government requests for information.

User Rights Data Subject rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right of data portability

  • Right to object

  • Rights related to automated decision making including profiling

This Privacy Notice is intended to provide you with information about what personal data Potential collects about you and how it is used. 

If you wish to confirm that Potential is processing your personal data, or to have access to the personal data Potential may have about you, please contact us.

 

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Potential might have received the data from us; what the source of the information was; and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Potential, if it is inaccurate. You may request that Potential erase that data or cease processing it, subject to certain exceptions. You may also request that Potential cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Potential processes your personal data. When technically feasible, Potential will—at your request—provide your personal data to you.

 

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Potential will provide you with a date when the information will be provided. If for some reason access is denied, Potential will provide an explanation as to why access has been denied.

Data Storage and Retention 

Your personal data is stored by Potential on its servers, and on the servers of the cloud-based database management services Potential engages, located in the United States. Potential retains service data for the duration of the customer’s business relationship with Chatbase and for a period of time thereafter, to analyze the data for Potential’s own operations, and for historical and archiving purposes associated with Potential’s services. Potential retains prospect data until such time as it no longer has business value and is purged from Potential systems. All personal data that Potential controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at privacy@potential.tech

 

Children’s data 

We do not knowingly attempt to solicit or receive information from children.

 

Changes to this Policy We may update this Privacy Policy from time to time. We will notify Customers of any significant changes by posting the updated policy on our website.

Contact Us For questions or concerns regarding this Privacy Policy, please contact us at:

Potential AI Inc.
356 Broadway Unit 4 New York, NY 10013
privacy@potential.tech
 

bottom of page