Privacy Policy

AI TicketSolved ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect information when you use our platform at aiticketsolved.com ("Service").

This policy applies to all users of the Service, including account administrators, support agents, and end customers whose data is processed through the platform. If you have any questions, contact us at privacy@aiticketsolved.com.

Account Information: When you register, we collect your name, email address, company name, and payment information. Payment details are processed by our payment provider (Stripe) and are not stored on our servers.

Usage Data: We automatically collect information about how you use the Service, including pages visited, features used, ticket volume, and system performance metrics. This is collected via server logs and analytics tools.

Customer Support Data: We process the support tickets, emails, and conversations you route through the platform. This includes customer names, email addresses, and the content of support interactions.

Knowledge Base Content: Any documentation, FAQs, or product information you upload to build your AI knowledge base.

Communication Data: If you contact us via email or our contact form, we retain that correspondence.

To provide the Service: Processing support tickets, generating AI responses, managing your knowledge base, and providing analytics.

To improve the Service: Analysing aggregated, anonymised usage patterns to improve features and performance. We do not use your Customer Data to train general-purpose AI models without explicit consent.

To communicate with you: Sending transactional emails (password resets, billing), product updates, and, with your consent, marketing communications.

For security and fraud prevention: Monitoring for abuse, security incidents, and Terms of Service violations.

To comply with legal obligations: Responding to lawful requests from government authorities.

For users in the European Economic Area (EEA) and UK, we process personal data on the following legal bases:

Contract Performance: Processing necessary to deliver the Service you have subscribed to.

Legitimate Interests: Security monitoring, fraud prevention, service improvements — balanced against your rights.

Consent: Marketing emails and optional analytics. You may withdraw consent at any time.

Legal Obligation: Compliance with applicable laws.

We do not sell, rent, or trade your personal data.

We share data only with these categories of third parties:

Service Providers: Supabase (database and authentication), Pinecone (vector database for AI search), Stripe (payments), Resend (transactional email), Vercel (hosting). Each is bound by a Data Processing Agreement (DPA).

Legal Requirements: We may disclose information if required by law, court order, or to protect the rights and safety of AI TicketSolved, our users, or the public.

Business Transfers: In the event of a merger, acquisition, or asset sale, personal data may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

We retain personal data for as long as your account is active or as needed to provide the Service.

After account termination, we retain data for 30 days to allow data export, then delete it permanently. Aggregated, anonymised analytics data may be retained indefinitely.

Backup copies may persist for up to 90 days in encrypted cold storage before being purged.

We implement industry-standard security measures including: TLS 1.3 encryption in transit; AES-256 encryption at rest; role-based access controls; regular penetration testing; SOC 2-aligned security practices.

Despite these measures, no internet transmission is 100% secure. If we discover a breach that affects your personal data, we will notify you within 72 hours as required by GDPR.

Our infrastructure is primarily hosted in the EU (Supabase EU region). Some third-party providers may process data in the United States. For EEA users, such transfers are covered by Standard Contractual Clauses (SCCs) approved by the European Commission.

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal data we hold about you.

Rectification: Request correction of inaccurate data.

Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal obligations.

Data Portability: Receive your data in a structured, machine-readable format.

Restriction: Ask us to stop processing your data in certain circumstances.

Objection: Object to processing based on legitimate interests or for direct marketing.

To exercise any of these rights, email privacy@aiticketsolved.com. We will respond within 30 days.

We use essential cookies required for authentication and session management. We also use analytics cookies (with your consent) to understand how visitors use our marketing pages.

You can control cookies through your browser settings. Disabling cookies may affect some Service functionality.

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

We may update this policy from time to time. We will notify you of material changes via email or prominent in-app notice at least 30 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

For privacy questions, to exercise your rights, or to reach our Data Protection Officer, contact us at:

Email: privacy@aiticketsolved.com

Address: AI TicketSolved, Dubai Internet City, Dubai, UAE