Legal

Privacy Policy

Effective date: 1 May 2026

AiGate (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains what information we collect, why we collect it, and how it is used. By using AiGate you agree to this policy.

1. What AiGate does

AiGate is a service that makes business websites readable and usable by AI assistants (such as ChatGPT, Claude, and Perplexity). When an AI assistant queries a business site connected to AiGate, our system fetches the live page from the business’s own server, extracts relevant information from it, and returns that information to the AI assistant in a structured format.

This policy covers data collected from: (a) businesses that subscribe to AiGate, and (b) AI assistants and their end users that access AiGate-connected websites.

2. What we collect

From business subscribers

  • Account information: your name, email address, and password (hashed, never stored in plain text)
  • Business details: your domain name, business name, and any profile information you enter in your dashboard (e.g. trading hours, service areas, description)
  • Billing information: processed entirely by our payment provider; we receive only a confirmation token and your plan level — no card numbers
  • Dashboard activity: pages visited, settings changed, and actions taken in your AiGate account

From AI assistant requests

  • Request metadata: the name of the AI assistant, timestamp, the tool called, response time, and response status
  • Approximate location: country and city derived from the requesting IP address (we do not log the IP address itself)
  • Tool input summary: a brief summary of what the AI was asking for (e.g. “menu query”) used for analytics — not verbatim user messages

3. What we never collect

This is important: AiGate is a live passthrough service. We do not store the content that passes through us.

We never store or retain:

  • Menu items, product listings, or prices fetched from your site
  • Availability, booking information, or stock levels
  • Customer names, emails, payment details, or any data submitted through forms
  • Verbatim conversations between AI assistants and end users
  • Full HTML content of your web pages

When an AI query is handled, the fetched page and extracted data exist only in memory during that request. They are discarded the moment the response is sent. Your origin server remains the sole source of truth for all business content.

4. How we use your information

  • To provide the AiGate service and operate your account
  • To generate the analytics shown in your dashboard (request counts, agent names, tool usage, response times)
  • To send account-related emails (receipts, renewal notices, important service updates)
  • To investigate abuse, enforce our Terms, and comply with legal obligations
  • To improve the service — aggregate, anonymised usage patterns only

We do not sell your personal information. We do not use it for advertising.

5. Data storage and security

All data is stored on Cloudflare infrastructure, with servers located in the region nearest to the requesting user. Cloudflare is certified to ISO 27001 and SOC 2 Type II.

Raw request analytics logs are retained for 90 days, then automatically purged. Aggregated daily statistics (no personal data) are kept for up to 2 years.

All connections between AI assistants, AiGate, and your origin server use HTTPS. Passwords are hashed using bcrypt. Session tokens are signed JWTs with short expiry.

6. Third-party services

AiGate uses the following third-party services to operate:

ProviderPurposeData shared
CloudflareHosting, CDN, database, rate limitingAll infrastructure data
Payment providerBilling and subscriptionsEmail address, plan selection

We do not share your data with any other third parties unless required by law.

7. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate information
  • Request deletion of your account and associated personal data
  • Export your data in a portable format
  • Object to or restrict certain processing

To exercise any of these rights, email hello@aigate.dev. We will respond within 30 days. Account holders can also delete their account directly from the dashboard Settings page, which triggers immediate deletion of personal account data.

8. Cookies

The AiGate dashboard uses a single session cookie (aigate_session) to keep you signed in. This cookie is:

  • Strictly necessary for the service to function — no consent banner is required
  • HttpOnly and Secure — cannot be accessed by JavaScript
  • Expires after 7 days of inactivity

The marketing pages (this site) do not set any tracking or analytics cookies. No third-party advertising cookies are used anywhere on aigate.dev.

9. Children

AiGate is a business service not directed at children. We do not knowingly collect personal information from anyone under 18. If you believe a child has created an account, please contact us and we will delete it promptly.

10. Changes to this policy

We may update this policy from time to time. When we make material changes, we will notify account holders by email at least 14 days before the change takes effect. The current version is always available at aigate.dev/privacy.

11. Contact us

Questions, requests, or concerns about this policy should be directed to:

AiGate Privacy

Email: hello@aigate.dev