Privacy Policy

Last updated: [DATE]

This Privacy Policy explains how Docently (“Docently”, “we”, “us”) handles information when you visit docently.org and when you use the Docently chat assistant embedded on a customer's website (the “Service”). Docently provides the Service to organizations who embed it on their own websites. When the Service runs on a customer's site, that customer is the controller of the interaction and Docently acts as their processor/service provider.

Information we process

1. The knowledge base (customer website content)

To answer questions, Docently reads the public pages of the customer's website and stores a processed copy of that page text. This content is public information published by the customer. We do not crawl pages disallowed by robots.txt, and customers can exclude pages from indexing.

2. Conversation data

When a visitor uses the assistant, we process:

• the question text the visitor types and the answer returned;
• a random session identifier generated in the browser for that visit, used to group a conversation and limit abuse — it is not tied to any account and is not persisted in the browser between visits;
• limited technical metadata needed to operate the Service (e.g., timing and the IP address seen by our servers, used for rate-limiting and security).

Visitors should not enter sensitive personal information into the assistant. We ask customers to present the assistant accordingly.

3. Website analytics

The docently.org marketing site uses no advertising cookies and no cross-site trackers. The embedded assistant sets no cookies and writes nothing to the visitor's browser storage.

How we use information

• To generate grounded answers from the customer's website content.
• To operate, secure, and rate-limit the Service.
• To let the customer review conversations and improve their content and the assistant's instructions.
• To diagnose problems and improve answer quality.

We do not sell personal information, use it for advertising, or build cross-site profiles.

AI processing and sub-processors

To produce answers, question text and relevant passages from the customer's pages are sent to our AI sub-processors for language understanding and generation. Our sub-processors are:

Our AI provider processes API requests under commercial terms and does not use the content to train its models.

Data retention

Conversation logs are retained for up to 30 days and then automatically deleted. Indexed page content is refreshed as the customer's site changes and removed when a customer ends the Service.

Children's privacy

The Service is not directed to children and we do not knowingly collect personal information from them. By design it minimizes data regardless of audience: the knowledge base is public page content, the assistant requires no login, sets no cookies, and does no behavioral advertising. When an organization that serves minors (such as a school) uses the Service, Docently acts on that organization's behalf and a Data Processing Agreement is available to support their compliance obligations — contact privacy@docently.org.

Security

We use encryption in transit (HTTPS), access controls, and rate limiting, and we limit what data is collected in the first place. See our Security & Trust page for technical detail on what loads on a page and where data flows.

Your choices and requests

Because Docently usually acts on behalf of the website operator, requests to access or delete conversation data are typically handled through that organization. You may also contact us at privacy@docently.org and we will route or honor the request as applicable. Note conversation logs are in any case deleted within 30 days.

Changes to this policy

We may update this policy; we will revise the “Last updated” date above when we do.

Contact

Docently — privacy@docently.org