April logoApril
Sign Up

Privacy Policy

Our privacy policy and how we use your data

Last updated: March 26, 2026

1. Introduction

This Privacy Policy ("Policy") describes how 1070 AI Labs ("Company", "we", "us", or "our"), a company registered in Pune, Maharashtra, India, collects, uses, stores, shares, and protects your personal information when you use April ("the Service"), our AI-powered customer service agent platform.

By accessing or using the Service, you consent to the collection and use of your information as described in this Policy. If you do not agree with this Policy, please do not use the Service.

This Policy applies to all users of the Service, including account holders who create and manage chatbots ("Customers") and individuals who interact with chatbots deployed by Customers ("End Users").

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: When you create an account, we collect your name, email address, and authentication credentials. If you sign in via a third-party provider (e.g., Google), we receive your name, email, and profile picture from that provider.
  • Billing Information: When you subscribe to a paid plan, our payment processor collects your payment details (credit/debit card number, billing address). We do not store your full card details on our servers.
  • Chatbot Content: Files you upload, website URLs you provide for crawling, text you input, and Q&A pairs you create as knowledge base content for your chatbots.
  • Chatbot Configuration: Settings, customization preferences, widget appearance, and behavioral configurations you define for your chatbots.
  • Support Communications: Information you provide when contacting us for support, including email correspondence and any attachments.

2.2 Information Collected Automatically

  • Usage Data: We collect information about how you use the Service, including pages visited, features used, actions taken, timestamps, and session duration.
  • Device and Browser Information: We collect device type, operating system, browser type and version, screen resolution, and language preferences.
  • IP Address and Location: We collect your IP address, which may be used to determine your approximate geographic location (country/region level).
  • Cookies and Similar Technologies: We use cookies, local storage, and similar technologies as described in our Cookie Policy.

2.3 Information from End Users

When End Users interact with chatbots deployed by Customers, we may collect:

  • Chat messages and conversation content between the End User and the chatbot
  • Lead information (email address, name) if the Customer has enabled lead capture
  • Satisfaction ratings (thumbs up/down) provided by End Users
  • Browser information, IP address, and approximate location of End Users
  • Timestamps and session identifiers

2.4 Information from Third Parties

  • Authentication Providers: If you sign in using Google or other OAuth providers, we receive basic profile information as authorized by you.
  • Payment Processors: Our payment processor may share transaction status, subscription details, and billing events with us (but not your full payment card details).
  • Website Crawling: When you instruct us to crawl a website, we collect publicly available content from those web pages to build your chatbot's knowledge base.

3. How We Use Your Information

We use the information we collect to:

  • Provide and Maintain the Service: Create and manage your account, process your chatbot configurations, deliver AI-powered responses, and maintain service functionality.
  • Process Payments: Handle subscription billing, process payments, and manage your subscription plan.
  • Improve the Service: Analyze usage patterns to improve features, fix bugs, optimize performance, and develop new functionality.
  • AI Model Training: We may use aggregated and anonymized conversation data to improve the quality and accuracy of AI responses. We do not use your personally identifiable information or proprietary content for training purposes without your explicit consent.
  • Analytics and Reporting: Provide you with chatbot analytics, conversation metrics, lead reports, and usage statistics.
  • Communication: Send you service-related notifications, billing alerts, security warnings, and (with your consent) marketing communications.
  • Security and Fraud Prevention: Detect, prevent, and respond to security incidents, fraud, abuse, and violations of our Terms of Service.
  • Legal Compliance: Comply with applicable laws, regulations, legal processes, and governmental requests.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contractual Necessity: Processing necessary to perform our contract with you (providing the Service as described in our Terms of Service).
  • Consent: Where you have given explicit consent, such as for marketing communications or optional data collection.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the Service, preventing fraud, and ensuring security, where these interests are not overridden by your rights.
  • Legal Obligation: Processing necessary to comply with legal requirements applicable to us.

5. Data Sharing and Disclosure

5.1 Service Providers

We share information with third-party service providers who assist us in operating the Service, including:

  • Cloud Infrastructure: Hosting, storage, and computing services to run the platform.
  • AI Model Providers: To process and generate chatbot responses. Your chatbot content is sent to AI model providers to generate contextual responses.
  • Payment Processors: To process subscription payments securely.
  • Analytics Providers: To help us understand how the Service is used.
  • Email Services: To send transactional and marketing communications.

All service providers are contractually bound to protect your information and use it only for the purposes we specify.

5.2 Customer-End User Relationship

When End Users interact with a Customer's chatbot, the conversation data (including messages, lead information, and satisfaction ratings) is accessible to the Customer who deployed that chatbot. Customers are responsible for their own privacy practices regarding End User data collected through their chatbots.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Court orders, subpoenas, or other legal processes
  • Requests from law enforcement or government authorities
  • Enforcement of our Terms of Service or protection of our rights, property, or safety
  • Prevention of fraud, security threats, or illegal activities

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity. We will notify you via email or prominent notice on the Service before your information is transferred and becomes subject to a different privacy policy.

5.5 No Sale of Personal Data

We do not sell your personal information to third parties. We do not share your personal information with third parties for their own marketing purposes.

6. Data Storage and Security

6.1 Data Storage

Your data is stored on secure servers provided by our cloud infrastructure partners. Data may be processed and stored in multiple geographic regions to ensure reliability and performance. By using the Service, you consent to the transfer and storage of your data in these locations.

6.2 Security Measures

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication mechanisms for our systems
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security practices
  • Incident response procedures for security breaches
  • Strict database access control policies and data isolation

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users via email within 72 hours of becoming aware of the breach, as required by applicable law. We will also notify the relevant data protection authorities where required.

7. Data Retention

  • Account Data: We retain your account information for as long as your account is active. Upon account deletion, we will permanently delete your data within 30 days.
  • Chatbot Content and Conversations: Your chatbot knowledge base, conversation logs, and lead data are retained for as long as your account is active and the associated chatbot exists. Deleting a chatbot permanently removes all associated data.
  • Billing Records: We retain billing and transaction records for a minimum of 7 years as required by applicable tax and accounting laws.
  • Usage Logs: Aggregated and anonymized usage analytics may be retained indefinitely for service improvement purposes.
  • Support Communications: Support ticket records are retained for up to 3 years after resolution.

8. Your Rights and Choices

8.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of your data in a structured, commonly used, and machine-readable format.

8.2 Correction

You have the right to request correction of any inaccurate or incomplete personal information we hold about you. You can update most account information directly through the Service.

8.3 Deletion

You have the right to request deletion of your personal information. You can delete your account through the Service settings, which will trigger permanent deletion of all associated data within 30 days. Note that we may retain certain information as required by law or for legitimate business purposes.

8.4 Restriction and Objection

You have the right to request restriction of processing of your personal information and to object to processing based on our legitimate interests. Where processing is based on consent, you have the right to withdraw consent at any time.

8.5 Marketing Communications

You can opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at support@theapril.app. Note that you will continue to receive transactional and service-related communications.

8.6 Exercising Your Rights

To exercise any of these rights, please contact us at support@theapril.app. We will respond to your request within 30 days. We may require you to verify your identity before processing your request.

9. International Data Transfers

Your information may be transferred to and processed in countries other than India, including countries where our service providers operate. These countries may have different data protection laws than your country of residence.

When we transfer data internationally, we implement appropriate safeguards to ensure your information receives an adequate level of protection, including:

  • Standard contractual clauses approved by relevant data protection authorities
  • Data processing agreements with all service providers
  • Ensuring service providers maintain appropriate security certifications

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe we have collected information from a child, please contact us at support@theapril.app.

11. Customer Responsibilities

As a Customer using the Service to deploy chatbots, you are responsible for:

  • End User Notice: Informing your End Users that they are interacting with an AI chatbot and that their conversations may be recorded and stored.
  • Privacy Compliance: Ensuring your use of the Service, including data collected through your chatbots, complies with all applicable data protection laws in your jurisdiction (including GDPR, CCPA, and India's Digital Personal Data Protection Act).
  • Consent Collection: Obtaining any necessary consents from your End Users before collecting their personal data through the chatbot widget, particularly for lead capture features.
  • Content Legality: Ensuring that all content you upload to the Service (files, website data, text) does not violate any third-party intellectual property rights or applicable laws.
  • Data Processing Agreement: If required by applicable law, entering into a data processing agreement with us for the processing of End User data. Contact us at support@theapril.app to request a DPA.

12. Specific Regional Rights

12.1 European Economic Area (GDPR)

If you are located in the EEA, you have the following additional rights:

  • Right to lodge a complaint with your local data protection authority
  • Right to data portability in a machine-readable format
  • Right not to be subject to automated decision-making, including profiling, that produces legal or similarly significant effects

12.2 California (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information is being collected about you
  • Know whether your personal information is sold or disclosed and to whom
  • Say no to the sale of your personal information
  • Access your personal information
  • Request deletion of your personal information
  • Not be discriminated against for exercising your privacy rights

We do not sell personal information as defined under the CCPA/CPRA.

12.3 India (Digital Personal Data Protection Act)

If you are located in India, you have rights under the Digital Personal Data Protection Act, 2023, including the right to access, correct, and erase your personal data, and the right to nominate another individual to exercise your rights in case of death or incapacity.

13. Third-Party Links and Services

The Service may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the Service.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you by email or by posting a prominent notice on the Service at least 15 days before the changes take effect. Your continued use of the Service after the effective date of the revised Policy constitutes your acceptance of the changes.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For data protection inquiries or to exercise your privacy rights, please email support@theapril.app with the subject line "Privacy Request". We will acknowledge your request within 48 hours and respond substantively within 30 days.