Legal

Privacy Policy

Effective date: March 8, 2026

Phenee is operated by ThinkGrid Labs. We built Phenee to handle customer support with privacy in mind from day one — tenant data isolation, PII masking, and zero training on your data are defaults, not options. This policy explains what we collect, why, and how we protect it.

1. Information We Collect

We collect only what is necessary to provide the service.

Account & Beta Signup Data

When you join the beta or create an account, we collect your email address, name, and company name. This is used to provision your account and communicate with you about the service.

Usage Data

We collect information about how you interact with the Phenee dashboard — pages visited, features used, session duration, IP address, browser type, and device identifiers. This is used for product improvement and security monitoring.

Knowledge Base Content

When you upload documents, PDFs, help articles, or other content to Phenee, that content is stored and indexed to power your AI widget. You own this content and it is never shared across tenants or used to train our models.

2. How We Use Your Information

  • Provision and maintain your Phenee account and widget
  • Send transactional emails — account setup, billing, and service updates
  • Respond to support requests and onboarding queries
  • Analyze aggregate usage patterns to improve the product
  • Detect and prevent abuse, fraud, and security incidents
  • Comply with legal obligations

We do not sell your data. We do not use your data or your customers' data for advertising. We do not train AI models on your content.

3. Data Processed Through the Widget

When your customers interact with the Phenee widget embedded on your site, we process:

  • Chat messages (questions asked and AI responses returned)
  • Session identifiers (anonymous, randomly generated per session)
  • Approximate geolocation (country-level only, derived from IP)

Phenee automatically redacts PII (email addresses, phone numbers, credit card numbers) from all chat messages before they are stored. As a business using Phenee, you are the data controller for your customers' data. We act as a data processor under your instructions.

4. Third-Party Services

We use the following third-party infrastructure providers. Each is bound by their own privacy policies and data processing agreements.

ProviderPurpose
Anthropic / OpenAI / GoogleLLM inference for AI responses
QdrantVector database for semantic search
RedisSession and cache storage
PostgreSQLPersistent account and configuration data
ResendTransactional email delivery

LLM providers receive only the relevant query and retrieved context — they do not receive your full knowledge base or account data. We use provider APIs under zero-data-retention agreements where available.

5. Data Security

We implement security controls appropriate for a production SaaS service:

  • Strict tenant data isolation — your data is never co-mingled with another customer's
  • Automatic PII redaction from all stored chat messages
  • Encryption in transit (TLS 1.2+) and at rest
  • Role-based access controls on all internal systems
  • SOC 2 Type II compliance in progress; GDPR-aligned data handling

No method of transmission over the internet is 100% secure. We work to protect your data but cannot guarantee absolute security.

6. Data Retention

Account data is retained for the duration of your subscription plus 30 days after cancellation, during which you may export your data. After 30 days, your account, knowledge base, and chat history are permanently deleted.

Chat session data stored in Redis is capped at 100 messages per session and automatically expires. Analytics data is retained in aggregate for up to 24 months.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access — request a copy of the data we hold about you
  • Right to rectification — correct inaccurate or incomplete data
  • Right to erasure — request deletion of your personal data
  • Right to data portability — receive your data in a machine-readable format
  • Right to object — object to processing based on our legitimate interests
  • Right to restrict processing — ask us to limit how we use your data

To exercise any of these rights, email us at privacy@phenee.com. We will respond within 30 days.

8. Cookies

We use strictly necessary cookies for authentication (session tokens) and security. We do not use third-party advertising cookies or tracking pixels. You may disable cookies in your browser settings; however, core dashboard functionality requires session cookies to work.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email at least 14 days before the changes take effect. Continued use of the service after that date constitutes acceptance of the updated policy. The effective date at the top of this page will always reflect the latest version.

10. Contact Us

For privacy inquiries, data requests, or to report a concern:

ThinkGrid Labs

Operating as: Phenee

Email: privacy@phenee.com