Privacy Policy

Last Updated 21 January 2026

Our Commitment

At Thinkpilot Ltd., we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use the Thinkpilot platform, including our website, desktop app, and browser extension.

1. Information We Collect

  • • Account information (name, email)
  • • Usage data and analytics
  • • Customer conversations and insights you process through the platform
  • • Communication records
  • • Payment information

Browser Extension: When using our browser extension, we also collect session tokens stored locally in your browser and pages you interact with. If you sign in with Google, we receive basic profile information (name, email, profile picture) from Google.

2. How We Use Your Information

We use your information to:

  • • Provide and improve our services
  • • Process payments
  • • Send service updates
  • • Provide customer support
  • • Analyze platform usage
  • • Prevent fraud and abuse

3. Data Protection

  • • All data is encrypted in transit and at rest
  • • Regular security audits
  • • Strict access controls
  • • Secure data centers
  • • Regular backups

4. Browser Extension Permissions

Our browser extension requests the following browser permissions:

  • storage – Store your login session locally in your browser
  • activeTab – Read the current tab's URL when you use the extension
  • tabs – Access tab information to get the URL of the page you are viewing
  • identity – Enable Google Sign-In functionality

Session tokens are stored locally and expire after 7 days. You can log out at any time to remove local session data.

5. Data Sharing Prohibition

IMPORTANT:

  • • We strictly prohibit the selling or trading of user data
  • • Violation of this policy will result in legal action
  • • Maximum penalties will be pursued for unauthorized data sharing
  • • We maintain detailed audit trails of all data access

While we never sell or trade your personal data, we do use trusted third-party service providers to help operate our platform. These providers are contractually obligated to protect your data and may only use it for the specific purposes outlined below.

6. Third-Party Services

To provide and improve our services, we use the following third-party service providers:

Analytics (PostHog)

  • Purpose: Product analytics and usage insights to improve our platform
  • Data shared: Anonymous usage events, email address (for user identification)
  • Privacy policy: posthog.com/privacy

Customer Communication (Intercom)

  • Purpose: Customer support and in-app messaging
  • Data shared: Name, email address, user ID
  • Privacy policy: intercom.com/legal/privacy

Conversion Tracking (Facebook/Meta Pixel)

  • Purpose: Measure advertising effectiveness
  • Data shared: Page views, conversion events (e.g., sign-ups)
  • Privacy policy: facebook.com/privacy/policy
  • Note: This tracking can be blocked by browser privacy settings or ad blockers

7. Your Rights

You have the following rights regarding your personal data:

  • • Right of access – to know what data we hold about you
  • • Right to rectification – to correct inaccurate or incomplete data
  • • Right to erasure – to request deletion of your personal data
  • • Right to restrict processing – to limit how your data is used
  • • Right to data portability – to receive a copy of your data
  • • Right to object – to object to certain types of processing
  • • Right to withdraw consent – at any time

To exercise your rights, please email us at [email protected]. We may ask you to verify your identity before acting on your request.

8. Data Retention

We retain personal and platform data for as long as your business account remains active.

If your subscription ends and the grace period passes without renewal, we may suspend access. Full data deletion will occur upon confirmed account termination or after a period of prolonged inactivity, as outlined in our Terms and Conditions.

Once your account is deleted, all associated user data, uploaded content, and usage logs are removed from our systems unless we are legally required to retain certain data (e.g., for tax or accounting compliance).

9. Account Deletion

You have the right to request deletion of your account and all associated data at any time. To request account deletion, please contact us at [email protected].

When you request account deletion, the following data will be permanently removed:

  • • Your account and profile information
  • • All processed conversations and insights
  • • All reports and generated content
  • • All notes and associated data

Deletion requests are typically processed within 30 days. You will receive confirmation once your account has been deleted. This action cannot be undone.

10. Legal Compliance

We comply with:

  • • GDPR
  • • CCPA
  • • Local data protection laws
  • • Industry security standards

11. Liability

Thinkpilot Ltd. accepts full responsibility for:

  • • Data protection
  • • Security breaches
  • • Unauthorized access
  • • Policy violations

Violations will result in:

  • • Legal prosecution
  • • Financial penalties
  • • Immediate corrective action

12. Contact Information

If you have questions, feedback, or concerns regarding this Privacy Policy or your data, you can contact us at:

Email: [email protected]

Postal Address:

THINKPILOT Ltd.

"Tsar Boris III" Blvd 212

Sofia 1619

Bulgaria