Privacy Policy

1. Introduction

BD1 LLC ("we," "our," or "us") operates BD1.ai ("BD1"), an AI-powered business development automation tool for Telegram. We are committed to protecting your privacy and being transparent about how we handle your data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Our Privacy-First Architecture

This architecture means that even if our servers were compromised, your Telegram data would remain secure because we never store it.

3. Information We Collect

3.1 Information You Provide

When you use BD1, we may collect:

• Account Information: Email address, name, and account preferences
• Telegram Connection: Authorization to access your Telegram data (processed client-side only)
• Integration Credentials: API keys or OAuth tokens for third-party services you choose to connect (HubSpot, Notion, etc.)

3.2 Telegram Data (Client-Side Only)

When you connect your Telegram account, the following data is processed locally in your browser:

• Telegram messages and conversations
• Contact information from your Telegram contacts
• Group and channel membership
• Message metadata (timestamps, read status, etc.)

Important: This data is stored only in your browser's local storage and is never sent to our servers unless you explicitly trigger an AI query or export action.

3.3 Usage Information

We automatically collect certain information when you use our service:

• Log Data: IP address, browser type, operating system, access times
• Usage Metrics: Features used, queries made, errors encountered
• Performance Data: Page load times, response times, technical diagnostics

3.4 Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Authentication and session management
• User preferences and settings
• Analytics and service improvement

4. How We Use Your Information

We use the information we collect to:

• Provide the Service: Process your queries, execute batch messaging, and sync with CRM systems
• AI Processing: Send anonymized query context to AI/LLM providers to generate responses (see Section 6)
• Improve the Service: Analyze usage patterns, fix bugs, and develop new features
• Communication: Send service updates, security alerts, and support messages
• Security: Detect and prevent fraud, abuse, and security incidents
• Legal Compliance: Comply with legal obligations and enforce our Terms of Service

5. Telegram Data Security

When you disconnect your Telegram account or clear your browser data, all locally stored Telegram information is permanently deleted.

6. AI and LLM Processing

BD1 uses artificial intelligence and large language models to process your queries. Here's how it works:

6.1 What We Send to AI Providers

When you make an AI query (e.g., "Summarize my unread messages"), we send:

• Your natural language query
• Relevant Telegram message context needed to answer your question
• Metadata about the conversation (timestamps, sender names, etc.)

6.2 Third-Party AI Providers

We currently use the following AI service providers:

• OpenAI (GPT models)
• Anthropic (Claude models)
• Other LLM providers as we expand our capabilities

These providers process your data according to their own privacy policies. We minimize the data sent and do not share unnecessary personal information.

6.3 AI Data Retention

We configure our AI providers to:

• Not use your data for training their models (where supported)
• Delete query data after processing (according to their retention policies)
• Maintain industry-standard security and encryption

7. Third-Party Integrations and CRM Sync

When you enable third-party integrations, we share data with these services on your behalf:

7.1 HubSpot Integration

When you connect HubSpot, we sync:

• Contact information from Telegram conversations
• Conversation history and notes
• Engagement metrics and timeline events

7.2 Notion Integration

When you connect Notion, we sync:

• Database entries with contact and company information
• Meeting notes and conversation summaries
• BD pipeline status and updates

7.3 Custom Webhooks

When you configure custom webhooks, you control exactly what data is sent to external endpoints. We recommend:

• Only connecting trusted services with secure (HTTPS) endpoints
• Reviewing what data will be transmitted before enabling webhooks
• Understanding the privacy policies of services you connect

Your Responsibility: You are responsible for ensuring you have proper authorization to sync Telegram data with third-party services and for complying with their terms of service and privacy policies.

8. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With Your Consent: When you explicitly authorize us to share data (e.g., CRM integrations)
• Service Providers: With trusted third-party service providers who assist in operating our service (AI providers, hosting, analytics)
• Legal Requirements: When required by law, subpoena, or court order
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Security and Fraud Prevention: To protect the rights, property, or safety of BD1, our users, or the public

9. Data Retention

We retain different types of data for different periods:

• Telegram Data: Stored only in your browser; deleted when you disconnect or clear browser data
• Account Information: Retained while your account is active and for a reasonable period after deletion
• Usage Logs: Typically retained for 90 days for security and analytics purposes
• Integration Data: Retained according to the policies of third-party services (HubSpot, Notion, etc.)

You can request deletion of your data at any time by contacting support@bd1.ai.

10. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Data Portability: Request export of your data in a machine-readable format
• Opt-Out: Opt out of certain data processing activities
• Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at support@bd1.ai.

11. Security Measures

We implement industry-standard security measures to protect your information:

• HTTPS/TLS encryption for all data transmission
• Client-side processing to minimize server-side data exposure
• Regular security audits and vulnerability assessments
• Access controls and authentication for our systems
• Encryption of sensitive data at rest

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information.

13. Children's Privacy

BD1 is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: