Privacy Policy


Last Revised: July 2nd, 2020

Botlerr Technologies Ltd. (“Botlerr”, “Company”, “we”, “our” or “us”) and the Customer (“you”) executed our standard end-user license agreement (the “Agreement”), under which we will integrate Botlerr’s language-driven automation AI platform known as “Plantt” with your services/systems (the “Systems”) in order to automate your customer support services and improve your clients’ experience  (our “Service(s)”). 


As a data controller, you are required to comply with applicable requirements under privacy and data protection laws, as well as to receive any required consents from your clients and other users of your Systems (collectively, the “End-User(s)”) for the collection, use, processing, transfer and/or disclosure of their information by the Company for the purpose of providing the Services, as further detailed below. 


This Privacy Policy provides information with respect to the processing of this information on your behalf for the purpose of providing you with the Services.


  1. Which End-User Data we may collect?

End-User Data” consists of the following types of information:

  • 1.1. The first type of information is non-identifiable and anonymous information (“Non-personal Information”). Non-personal Information is any unconcealed information which does not enable identification of an individual End-User. Non-personal Information is available to us while End-Users are accessing or using your Systems. Non-personal Information which is being gathered by us may consist of technical information, behavioral non-personal information or aggregated information, and may contain, among other things: 
  • technical data, e.g. type of operating system and configuration, screen resolution, screen density, logs of the Systems’ activities, e-mail traffic metadata, hashed communications, hashed information, technical features of the End-User's use of your System, software version, hardware type, etc.; and 
  • behavioral data, which may include usage patterns and other statistical data, the time that the End-User spent in your Systems and additional information of a similar nature (collectively, “Technical and Behavioral Information”);
  • furthermore, we collect network communication metadata, files metadata, process lists and general events metadata. We may also use third-party service providers as further detailed under Section 8 below, to obtain detailed analytics on the device and the End-Users’ behavior on your Systems.

1.2. The second type of information is individually identifiable information (“Personal Information”). This information identifies an individual and/or is of a private and/or sensitive nature, including:

1.2.1 End-Users’ Personal Information which is submitted voluntarily by End-Users through your Systems. Personal Information (such as full name, email address, telephone number, username, location, address, transcripts of conversations, etc.) that is submitted by End-Users upon submitting a customer support query or other request through your Systems, or while using your Systems (such as correspondence with you or your representatives, etc.).  

1.2.2. End-Users’ Personal Information which is collected automatically via technology means:

  • Identifiers: We will access, collect, process, monitor and/or remotely store online identifiers of your End-Users, such as Internet Protocol (IP) address, AD-IDs or other unique identifiers, for the purpose of identifying and reporting abnormal activities. 
  • Technical and Behavioral Information: To the extent that the Technical and Behavioral Information detailed above under Section 1.1 will be linked to or associated with a specific individual, then such information will be considered as Personal Information. It will be used for the purpose of identifying and reporting abnormal activities.
  1. How does Botlerr Collect End-User Data?

Once our Services are integrated with your Systems, we will automatically receive the End-User Data. The End-User Data may be collected with the use of various tracking technologies. We may gather, collect and store the information either independently or through the help of our authorized third-party service providers, as detailed below.

Note that we will only have access to Personal Information that you will choose to make available to us. If you direct us to process less types of Personal Information, we will do so. Your preferences will be addressed upon the integration between our Services and your Systems, or at any other time requested by you.

  1. What are the Purposes of the Collection of End-Users’ Data?

3.1. Non-personal Information is processed in order to:

  • Create statistical and other aggregate information and analysis with respect to your End-Users’ behavioral patterns on your Systems; and
  • Use the Non-personal Information for statistical, analytical and research purposes and for customization, developing and improvement of our Services. 

3.2. Personal Information is processed in order to:

  • provide our Services, including replying to End-Users’ requests and queries automatically (live chat responses) based on pre-defined scenarios, as well as analyze repetitive scenarios in order to classify customer inquiries or requests, remembering an End-User’s typed-in information for subsequent visits, etc.;
  • provide your End-Users with customized advertisements, content and information;
  • monitor and analyze third-party marketing activities;
  • track your End-Users’ entries, submissions and status in any promotions or other activities on the Services;
  • reasonably assist you with reporting to data protection authorities, or otherwise complying with your obligations as the controller of the Personal Information; 
  • conduct internal operations, including troubleshooting, data analysis, testing, research and statistical purposes, as well as improving the Services;
  • comply with our legal obligations, protect our rights and legitimate interests, as well as those of the End-Users; and
  • maintaining records for legal purposes and general administrative purposes.
  1. Sharing Personal Information with Third Parties

4.1. Botlerr respects your End-Users’ privacy and will not rent or sell their Personal Information to any third party. Notwithstanding the foregoing, Personal Information may be shared by Botlerr with third parties in the following cases:

  • Your Service Providers: Per your request, we will share Personal Information with vendors, commercial software providers, consultants and/or data processers who perform services on your behalf. 
  • Our Service Providers: We may share Personal Information with sub-processors that assist us with collecting, holding and/or managing your End-Users’ Personal Information (for example, cloud-based services), solely for the purposes described above and in accordance with this Privacy Policy. These sub-processors may be located in countries outside of your and your End-Users’ jurisdiction. For more information regarding our sub-processors, please refer to Section ‎8 below. 
  • Other Legitimate Interests: (a) to satisfy any applicable law, regulation, legal process, subpoena or governmental request; (b) to enforce this Privacy Policy or the Agreement, including investigation of potential violations thereof; (c) to detect, prevent, or otherwise address fraud, security or technical issues; (d) to protect the rights, property, or personal safety of Botlerr, you, your End-Users, or the general public; (e) when Botlerr is undergoing any change in control, including by means of a merger, acquisition or purchase of all or substantially all of its assets (while such transaction may include a transfer of information to an entity which may be located in a country that does not have the same data protection laws as the End-Users’ jurisdiction); and (f) pursuant to an End-User’s explicit approval prior to the disclosure. 

4.2. For the avoidance of doubt, Botlerr may transfer and disclose Non-personal Information to third parties at its own discretion, including without limitation, for statistical, analytical and research purposes and for customization, developing and improvement of our Services.

  1. Deletion or Modification of Personal Information

Since we have no direct relationship with your individual End-Users and we do not send communications to your End-Users, you hereby agree to handle all End-Users’ requests with respect to deletion and modifications of their Personal Information, or other requests to which they are entitled by law. For example, End-Users who seek access to their Personal Information, or who wish to correct, amend, delete inaccurate information or withdraw consent for further use of their Personal Information should direct their request to you.

If you are unable to fully handle such a request and only we possess the ability or power to solve your End-User’s request or issue, please forward that request to the email address specified in Section 10 below and provide us with the necessary instructions, and we will make reasonable efforts to solve the issue pursuant to any applicable privacy laws.

Unless you instruct us otherwise, we may retain your End-Users’ Personal Information until it is no longer required for the purposes for which such Personal Information was collected, or until the termination of the Agreement, all as permitted under any applicable privacy laws. Aggregated and/or anonymous data may remain on our servers indefinitely.

  1. Location of your End-Users’ Data

The information collected from your Systems by Botlerr, including your End-Users’ Data may be transferred to, and stored at, servers which may be located in countries outside of your and your End-Users’ jurisdiction and in a country that is not considered to offer an adequate level of protection under your and your End-Users’ local laws. It may also be processed by sub-contractors operating outside of your country.

Nevertheless, we will take appropriate measures to ensure that your End-Users’ Personal Information is processed and stored securely and in accordance with applicable privacy laws. These measures include putting in place data transfer agreements or ensuring that our third-party service providers comply with standard data transfer protection measures.

  1. Security

7.1. We take appropriate measures to maintain the security and integrity of our Service and the End-Users’ Data that we collect and prevent unauthorized access to them or use thereof through generally accepted industry standard technologies and internal procedures. Some of the security measures that we employ include, without limitation:

  • Personal Information collected by our Services is protected and encrypted by Secure Socket Layer (“SSL”) technology;
  • we apply data security measures such as AWS hardware security modules that have been validated under FIPS 140-2 (such as NIFI and ELASTIC); 
  • we apply Amazon Guard Duty for management threat detection; and
  • we apply a separation of duty among our employees and an access control management, which prevents unauthorized personnel from accessing the End-Users’ Data, including Personal Information. 
  • Regular penetration tests and automated vulnerability scans

7.2. Please note, however, that there are inherent risks in transmission of information over the Internet or other methods of electronic storage and we cannot guarantee that unauthorized access or use will never occur.

7.3. Botlerr will comply with applicable law in the event of any breach of the security, confidentiality, or integrity of your End-Users’ Personal Information and will inform you of such breach if required by applicable law.

7.4. TO THE EXTENT THAT BOTLERR IMPLEMENTED THE REQUIRED SECURITY MEASURES UNDER APPLICABLE LAW, BOTLERR SHALL NOT BE RESPONSIBLE OR LIABLE FOR AN UNAUTHORIZED ACCESS, HACKING, OTHER SECURITY INTRUSIONS, FAILURE TO STORE, OR THE THEFT, DELETION, CORRUPTION, DESTRUCTION, DAMAGE, OR LOSS OF ANY END-USERS’ DATA.

  1. Third Party Service Providers

4.3. As stated above, in order to provide our Services and/or fulfill the purposes mentioned in Section 3 above, we may use third party service providers (such as hosting cloud services) in the course of collecting, storing and/or processing the End-User Data.

4.4. Such third parties service providers, include without limitation the following categories of service providers:

  • Cloud hosting services, including AWS, which servers are located in the U.S. (Amazon.com Inc. is Privacy Shield certified);
  • AI and translation services, including Microsoft Azure, which servers are located in the U.S. (Microsoft Corporation is Privacy Shield certified);
  • Authentication services, including Firebase which servers are located in the U.S. (Google LLC is Privacy Shield certified); and
  • Database services, including MongoDB Atlas which servers are located in the U.S. (MongoDB Inc. is Privacy Shield certified).

4.5. Please read such third-party service providers’ terms of use and privacy policies to understand their privacy practices.

  1. Changes to the Privacy Policy

The terms of this Privacy Policy are in effect as long as the Agreement is in effect. Botlerr reserves the right to change this Privacy Policy at any time. A prior notice of changes to the Privacy Policy will be sent to you. In the event that the terms of this Privacy Policy should be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice.

  1. Forwarding Requests and Notification to Botlerr

Any request or notification that you are obliged to send to us under this Privacy Policy shall be sent to us by e-mail to the following address: privacy@plantt.io and we will make a reasonable effort to respond or take the necessary actions within a reasonable timeframe.

Made with ❤️  for customer experience teams.