Privacy Policy

Introduction

TeleCetli Kft. ("SupportHub", "Gridex AI", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered customer support platform.

This policy applies to all information collected through our services, including our website, API, support chat and voice widgets, customer portal, and any related services, sales, marketing, or events.

Data Controller Information

Definitions

For the purposes of this Privacy Policy:

Information We Collect

Information You Provide Directly

• Account Information: Name, email address, company name, and password when you register for an account
• Business Information: Company name, industry, team size, and business configuration details
• Payment Information: Billing address and payment method details (processed securely through Stripe)
• Communication Data: Content of emails, support tickets, and feedback you send us
• Configuration Data: Custom settings, workflow rules, SLA configurations, and integration preferences
• Voice Data: Voice session transcripts and metadata when voice support is enabled
• CSAT Data: Customer satisfaction survey responses and feedback
• Customer Portal Data: Customer profiles created via magic link authentication

Information Collected Automatically

• Usage Data: Information about how you interact with our services, including conversation logs, feature usage, and performance metrics
• Device Information: Browser type, operating system, IP address, and device identifiers
• Analytics Data: Pages visited, time spent, navigation paths, and interaction patterns
• Support Widget Data: Customer interactions through embedded chat and voice widgets on your website

Information from End Users

When your customers interact with the SupportHub support widget on your website or through the customer portal, we collect:

Legal Basis for Processing

We process personal data based on the following legal grounds under GDPR:

• Contract Performance: To provide our services and fulfill our contractual obligations
• Legitimate Interests: To improve our services, ensure security, and conduct business operations
• Consent: For optional analytics cookies and any future marketing communications you opt into
• Legal Obligations: To comply with applicable laws and regulations

How We Use Your Information

We use the collected information for the following purposes:

Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

Service Providers

• Microsoft Azure: Cloud infrastructure, data storage, and AI model services (Azure OpenAI). IMPORTANT: Azure guarantees that your prompts, completions, embeddings, and training data are NOT available to other customers or Microsoft, and are NEVER used to train, retrain, or improve Azure OpenAI models or any Microsoft products. Your data remains exclusively within your Azure tenant with AES-256 encryption.
• Stripe: Payment processing (PCI-DSS Level 1 certified)
• Keycloak: Authentication and identity management
• legal.privacy.sections.dataSharing.serviceProviders.falkordb
• Weaviate: Vector database for knowledge base search and document retrieval. Stores document embeddings (numerical representations) to enable semantic search across your knowledge base — original documents are not stored in Weaviate, only their vector representations.

Other Circumstances

Data Retention

We retain your data for as long as necessary to provide our services and fulfill the purposes described in this policy. Below are our standard retention guidelines. You may request deletion of your data at any time by contacting us.

Data Security

We implement appropriate technical and organizational measures to protect your data:

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as: We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, adequacy decisions for countries with equivalent data protection laws, and other legally approved transfer mechanisms.

Your Rights Under GDPR

As an EU resident, you have the following rights regarding your personal data:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to certain processing activities
• Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Cookies and Similar Technologies

We use browser storage technologies (localStorage and sessionStorage) to provide and improve our Service. Essential storage includes authentication tokens, session state, device identifiers, cookie consent preferences, and language/theme settings. Optional analytics cookies (Google Analytics) are only loaded with your explicit consent. You can manage your cookie preferences at any time through our Cookie Settings page.

Do Not Track (DNT)

We do not track users for advertising or cross-site tracking purposes. We collect only essential session data and usage metrics necessary to provide and improve the Service. Optional analytics cookies (Google Analytics) are consent-based and can be disabled at any time through our Cookie Consent Banner and Cookie Settings page.

Payment Processing and Security

We use Stripe as our third-party payment processor. Stripe is PCI Service Provider Level 1 certified, the highest level of certification in the payments industry. We do NOT store or collect your payment card details on our servers. All payment information is provided directly to Stripe's secure servers using bank-level encryption. For more information, please refer to Stripe's Privacy Policy at https://stripe.com/privacy.

California Consumer Privacy Act (CCPA) Compliance

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA). This section explains those rights and how to exercise them.

Business Transactions and Transfers

If TeleCetli Kft. (SupportHub) is involved in a merger, acquisition, asset sale, or other business transaction, your Personal Data may be transferred as part of that transaction. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy. The acquiring entity will be contractually required to maintain the same level of data protection.

Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Data Protection Officer

For privacy-related inquiries or to exercise your rights, you can contact our Data Protection Officer at:

Complaint Rights

If you are unsatisfied with how we handle your personal data, you have the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information:

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email or through our services.