GDPR Compliance Statement

BotEngine is committed to protecting the privacy and personal data of all users in accordance with the General Data Protection Regulation (GDPR – EU Regulation 2016/679).

1. Lawful Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Consent (forms, email opt-in, cookies)
  • Contractual necessity (subscriptions, accounts, client portal)
  • Legal obligations (billing, tax compliance)
  • Legitimate interest (security, fraud prevention)

2. Data Subject Rights

Under GDPR, you have the following rights:

  • Right to access your personal data
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent at any time

3. Data Security

We implement industry-standard security measures to protect your data, including encryption, secure servers, access controls, and regular audits.

4. International Data Transfers

Your data may be processed outside the EU, particularly by third-party providers such as Make.com, OpenAI, Stripe, Google, or hosting services. When this occurs, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs).

5. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected or to comply with legal obligations.

6. Cookies and Tracking

We use cookies only after obtaining consent when required. Details are available in our Cookie Policy.

7. Data Protection Officer (DPO)

If you have any GDPR-related questions or requests, you may contact us through our contact page.

8. Updates to This Statement

This GDPR Compliance Statement may be updated periodically. Please review it regularly for changes.

Last Updated: 22 November 2025