Privacy Policy

1. Introduction

Welcome to Ensoras ("Company," "we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our customer support platform for e-commerce businesses (the "Service").

By accessing or using our Service, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide to Us

• Account Information: Name, email address, company name, phone number, and billing information when you create an account or subscribe to our Service.
• Payment Information: Credit card details and billing addresses processed securely through Stripe. We do not store complete payment card information on our servers.
• Business Data: Customer support conversations, knowledge base content, workflow configurations, and integration settings you upload or create within our platform.
• Communications: Information you provide when contacting our support team or participating in surveys.

2.2 Information Collected Automatically

• Usage Data: Information about how you interact with our Service, including features used, pages visited, and actions taken.
• Device Information: Browser type, operating system, device identifiers, and IP address.
• Analytics Data: Performance metrics, error logs, and usage patterns to improve our Service.
• Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information and improve your experience.

2.3 Information from Third Parties

• Integration Data: When you connect third-party services (Shopify, Zendesk, Salesforce, etc.), we receive data necessary to provide our Service.
• Payment Processors: Transaction confirmations and billing information from Stripe.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our AI-powered customer support automation Service
• Process transactions and send related information, including purchase confirmations and invoices
• Train and improve our AI models to provide better automated responses (using aggregated, anonymized data)
• Send you technical notices, updates, security alerts, and administrative messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze trends, usage, and activities in connection with our Service
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Comply with legal obligations and enforce our terms and policies

4. AI Data Processing (Optional Features)

Ensoras is primarily a manual customer support platform. AI-powered features are optional and can be enabled at your discretion. When you choose to use AI features, our Service may process customer support interactions using artificial intelligence for:

• Sentiment Analysis: Understanding the emotional tone of customer messages
• Intent Classification: Determining what customers are asking about
• Automated Responses: Generating contextually appropriate replies
• Knowledge Retrieval: Accessing your uploaded documentation to provide accurate information

4.1 Third-Party AI Providers

When AI features are enabled, your data may be processed by third-party AI service providers, including:

• OpenAI: Provider of GPT models (Privacy Policy)
• Anthropic: Provider of Claude models (Privacy Policy)
• Google: Provider of Gemini models (Privacy Policy)

Data sent to these providers includes support ticket content necessary to generate AI responses. These providers process data according to their respective privacy policies and data processing agreements. We use API-based access which typically means:

• Your data is not used to train their general AI models
• Data is processed only to provide the requested service
• Data retention is limited according to their API terms

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: With vendors who perform services on our behalf (hosting, payment processing, analytics)
• AI Providers: When you enable AI features, support ticket content is shared with third-party AI providers (OpenAI, Anthropic, Google) to generate responses
• Integration Partners: With third-party platforms you choose to connect to our Service
• Legal Requirements: When required by law, subpoena, or other legal process
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize us to share your information

6. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS 1.3) and at rest (AES-256), regular security audits, access controls, and secure development practices. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide our Service. Upon account termination, we will delete or anonymize your data within 90 days, except where retention is required for legal, accounting, or legitimate business purposes.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal information
• Portability: Request a machine-readable copy of your data
• Opt-Out: Unsubscribe from marketing communications at any time
• Restriction: Request limitation of processing in certain circumstances

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including:

• EU Standard Contractual Clauses (SCCs): We use SCCs approved by the European Commission for transfers to countries without an adequacy decision
• Adequacy Decisions: Where available, we transfer data to countries recognized by the EU as providing adequate data protection
• Supplementary Measures: Where necessary, we implement additional technical and organizational measures to ensure an equivalent level of protection

10. Children's Privacy

Our Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information.

11. GDPR Rights (EU Users)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: You have the right to obtain confirmation of whether we process your personal data and to access that data
• Right to Rectification: You have the right to correct inaccurate personal data and to complete incomplete data
• Right to Erasure: You have the right to request deletion of your personal data in certain circumstances
• Right to Restrict Processing: You have the right to request restriction of processing in certain circumstances
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format
• Right to Object: You have the right to object to processing based on legitimate interests or for direct marketing purposes
• Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time

Data Controller: MB Kimarta (trading as Ensoras), Maironio g. 14-11, Kaunas, Lithuania, is the data controller responsible for your personal data.

Supervisory Authority: You have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania (vdai.lrv.lt) or with your local supervisory authority if you believe your rights have been violated.

12. CCPA Rights (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out: You have the right to opt-out of the sale of your personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights

We Do Not Sell Personal Information: Ensoras does not sell, rent, or trade your personal information to third parties for their marketing purposes.

13. Cookie Policy

We use cookies and similar tracking technologies to collect and store information. The types of cookies we use include:

• Essential Cookies: Required for the operation of our Service. These include cookies for authentication, security, and session management
• Functional Cookies: Used to remember your preferences and settings to enhance your experience
• Analytics Cookies: Used to understand how visitors interact with our Service, helping us improve functionality and user experience

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after such modifications constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: