Privacy Policy

Last updated: May 10, 2026

This Privacy Policy describes how Cserv Labs ("Cserv Labs", "we") collects, uses, and shares personal information when you use our website and services.

1. Information we collect

• Account information — your name, email address, and billing details, provided when you sign up or purchase.
• Customer Data — email messages, help documents, and past tickets you connect to our services for processing.
• Usage data — basic analytics (page views, feature use, device type) to understand how our services are used.
• Payment data — processed by Stripe. We never see or store your full payment card number.

2. How we use information

• To operate, maintain, and improve the services.
• To process payments and send receipts, account notifications, and important service emails.
• To provide customer support and respond to your requests.
• To meet legal, accounting, and security obligations.

3. How we do not use information

• We do not sell your personal information.
• We do not train public or third-party AI models on your Customer Data.
• We do not use Customer Data for advertising, profiling, or behavioral tracking.

4. How we share information

We share personal information only with service providers necessary to operate the service, under contractual obligations to keep it confidential and to use it only for our purposes. Current providers include:

• Stripe — payment processing
• Cloudflare — DNS, CDN, and web hosting
• Resend — transactional email delivery
• OpenAI — large-language-model processing for AI features
• PostgreSQL hosting — encrypted data storage

We may disclose information if required by law, subpoena, or court order, or to protect the rights, property, or safety of Cserv Labs, our users, or others.

5. Data retention

Account data is retained for the life of your account and up to 30 days after deletion, unless a longer period is required for legal or financial record-keeping. Full email message bodies are not retained beyond 30 days; we keep metadata and embeddings required to provide the service.

6. Your rights

Depending on your location, you may have rights to access, correct, delete, or export the personal information we hold about you. To make a request, write to [email protected]. We will respond within 30 days.

7. International transfers

We are a US-based company. Data you provide may be processed in the United States and other countries where our service providers operate. We rely on Standard Contractual Clauses or equivalent safeguards where applicable.

8. Security

We use industry-standard technical and organizational measures to protect your information, including encryption in transit and at rest, role-based access control, and regular security reviews. No system is perfectly secure; if we discover a breach affecting your data, we will notify you as required by law.

9. Children

Our services are not directed to children under 16, and we do not knowingly collect personal information from children.

10. Changes to this policy

Material changes to this Policy will be announced by email at least 14 days before they take effect.

11. Contact

Privacy or data-rights questions: [email protected].