1. Introduction
AxiomThemes (website url address: https://axiomthemes.com/) appreciates your business and trust. We are a Cyprus based company, creating products to enhance your website building experience. Please read this Privacy Policy, providing consent to both documents in order to have permission to use our services.
2. Data Collected
Data Storage Location
We are a Cyprus based company and operate web servers hosted in Germany. Our hosting provider Hetzner Online GmbH adheres to the EU/US “Privacy Shield”, ensuring that your data is securely stored and GDPR compliant. For more information on Hetzner Online GmbH privacy policy, please see here: Hetzner Data Privacy Policy
Registration Data
If you register on our website, we store your chosen username and your email address and any additional personal information added to your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit this information.
Purchase Data
To receive product support, you have to have one or more Envato/AxiomThemes purchase codes on our website. These purchase codes will be stored together with support expiration dates and your user data. This is required for us to provide you with downloads, product support, and other customer services.
Support Data
If you have registered on our website and have a valid support account, you can submit support tickets for assistance. Support form submissions are sent to our third party Ticksy ticketing system. Only the data you explicitly provided is sent, and you are asked for consent, each time you want to create a new support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.
Comments
When you leave comments on the website we collect the data shown in the comments form, and also the IP address and browser user agent string to help spam detection.
Contact Form
Information submitted through the contact form on our site is sent to our company email, hosted by Zoho. Zoho adheres to the EU/US “Privacy Shield” policy and you can find more information about this here: Zoho Privacy Policy.
These submissions are only kept for customer service purposes they are never used for marketing purposes or shared with third parties.
Google Analytics
We use Google Analytics on our site for anonymous reporting of site usage. So, no personalized data is stored. If you would like to opt-out of Google Analytics monitoring your behavior on our website please use this link: Google Analytics Opt-out.
Cases for Using the Personal Data
We use your personal information in the following cases:
- Verification/identification of the user during website usage;
- Providing Technical Assistance;
- Sending updates to our users with important information to inform about news/changes;
- Checking the accounts’ activity in order to prevent fraudulent transactions and ensure the security
- over our customers’ personal information;
- Customize the website to make your experience more personal and engaging;
- Guarantee overall performance and administrative functions run smoothly.
3. Embedded Content
Pages on this site may include embedded content, like YouTube videos, for example. Embedded content from other websites behaves in the exact same way as if you visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. Below you can find a list of the services we use:Youtube
We use YouTube videos embedded on our site. YouTube has its own cookie and privacy policies over which we have no control. There is no installation of cookies from YouTube and your IP is not sent to a YouTube server until you consent to it. See their privacy policy here: YouTube Privacy Policy.4. Cookies
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.
Necessary Cookies (all site visitors)
- cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
- PHPSESSID: To identify your unique session on the website.
Necessary Cookies (Additional for Logged in Customers)
- wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
- wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
- wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
5. Who Has Access To Your Data
If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.
If you are a client with a registered account, your personal information can be accessed by:
- Our system administrators.
- Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
6. Third Party Access to Your Data
We don’t share your data with third-parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with in order to provide the services you expect from us. Please see below:Envato Pty Ltd
For the purpose of validating and getting your purchase information regarding licenses for this theme, we send your provided tokens and purchase keys to Envato Pty Ltd and use the response from their API to register your validated support data. See the Envato privacy policy here: Envato Privacy Policy.Ticksy
Ticksy provides the support ticketing platform we use to handle support requests. The data they receive is limited to the data you explicitly provide and consent to being set when you create a support ticket. Ticksy adheres to the EU/US “Privacy Shield” and you can see their privacy policy here: Ticksy Privacy Policy.7. How Long We Retain Your Data For
When you submit a support ticket or a comment, its metadata is retained until (if) you tell us to remove it. We use this data so that we can recognize you and approve your comments automatically instead of holding them for moderation.
If you register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except changing your username). Website administrators can also see and edit that information.
8. Security Measures
We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorization.
In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.
9. Your Data Rights
General Rights
If you have a registered account on this website or have left comments, you can request an exported file of the personal data we retain, including any additional data you have provided to us.
You can also request that we erase any of the personal data we have stored. This does not include any data we are obliged to keep for administrative, legal, or security purposes. In short, we cannot erase data that is vital to you being an active customer (i.e. basic account information like an email address).
If you wish that all of your data is erased, we will no longer be able to offer any support or other product-related services to you.
GDPR Rights
Your privacy is critically important to us. Going forward with the GDPR we aim to support the GDPR standard. AxiomThemes permits residents of the European Union to use its Service. Therefore, it is the intent of AxiomThemes to comply with the European General Data Protection Regulation. For more details please see here: EU GDPR Information Portal.
10. Third Party Websites
AxiomThemes may post links to third party websites on this website. These third party websites are not screened for privacy or security compliance by AxiomThemes, and you release us from any liability for the conduct of these third party websites.
All social media sharing links, either displayed as text links or social media icons do not connect you to any of the associated third parties unless you explicitly click on them.
Please be aware that this Privacy Policy, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service or Site. AxiomThemes bears no responsibility for the information collected or used by any advertiser or third party website. Please review the privacy policy and terms of service for each site you visit through third party links.
11. Release of Your Data for Legal Purposes
At times it may become necessary or desirable to AxiomThemes, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.
Any passing on of personal data for legal purposes will only be done in compliance with laws of the country you reside in.
Privacy Policy.
How we collect, use, store, and protect your personal data — written in plain language, not legalese. Compliant with GDPR (EU), CCPA (California), and applicable laws in our other markets.
↳ The 30-second version
We collect the minimum data needed to sell you AI agents, process payments, support you, and improve our products. We do not sell your data. We use trusted processors (Stripe, Google, Twilio, ElevenLabs, Anthropic) under strict contracts. You can access, correct, export, or delete your data anytime by emailing info@botlib.ai.
§ 01Who we are
This Privacy Policy applies to the website botlib.ai and all related services (the "Services") operated by AIBUILDERS LLC, a Delaware-registered company (EIN 35-2843990), with its registered office at 254 Chapman Rd, Suite 208, Newark, DE 19702, USA ("BotLib", "we", "us", or "our").
BotLib operates a marketplace of AI agents for local businesses. We are the data controller for personal data we collect through our website, our sales process, our customer support, and any AI agent we operate as a managed service ("Done-For-You" plans). When you self-install an agent on your own infrastructure, you are typically the data controller for the end-user data that agent processes; in that case, we are a data processor acting on your instructions.
§ 02What we collect
You give us directly
- Account & contact data — name, email, phone number, company name, country, role.
- Payment data — processed by Stripe. We never see or store your full card number. We retain only the last 4 digits, brand, and expiry for receipt purposes.
- Communication content — messages you send via email, WhatsApp, the contact form, or in product chats.
- Creator data — if you publish on our marketplace: tax ID, payout details, agent metadata.
We collect automatically
- Usage data — pages viewed, links clicked, time on site, referrer, search terms.
- Device & technical data — IP address (truncated), browser, OS, device type, language.
- Cookies & similar technologies — see section 9.
We receive from third parties
- Identity providers — if you sign in with Google or another OAuth provider, we receive your name and email.
- Affiliate tracking — referral source via Rewardful (60-day cookie).
- Public profiles — LinkedIn data, when you DM us or apply as a creator.
§ 03How we use it
- Provide the Services — process orders, deliver tutorials, deploy and run AI agents.
- Bill and collect payments — via Stripe; manage subscriptions, refunds, taxes.
- Support you — answer questions, troubleshoot, escalate.
- Improve our products — analyze usage to fix bugs and add features. We do not train AI models on your data.
- Communicate — service emails, security alerts, and (with your consent) product updates.
- Comply with the law — taxes, KYC for creators, fraud prevention.
- Marketing — only with your consent and only opt-out anytime.
§ 04Legal basis (GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following legal bases:
- Contract — to deliver the Services you purchased.
- Legitimate interest — to secure our platform, prevent fraud, and improve our products (you can object).
- Consent — for marketing emails, non-essential cookies, and certain optional analytics.
- Legal obligation — accounting, tax, and regulatory reporting.
§ 06International transfers
Because we operate across the USA, France, the UAE, and Thailand, your personal data may be transferred outside your country of residence. When data leaves the European Economic Area, we rely on:
- EU Standard Contractual Clauses (SCCs) with all non-EU processors.
- The EU-US Data Privacy Framework for certified US processors where applicable.
- Adequacy decisions issued by the European Commission, when available.
You can request a copy of the safeguards in place by emailing us.
§ 07How long we keep it
- Account data — for as long as your account is active, plus 3 years after closure.
- Order & payment records — 10 years for tax and accounting purposes (US, EU).
- Support messages — 3 years from your last contact.
- Marketing consent records — 3 years after withdrawal.
- AI agent conversation logs (DFY) — 30 days by default; you can request shorter retention or full deletion.
- Cookies — see section 9.
When retention periods expire, we delete or anonymize the data.
§ 08Your rights
Depending on where you live, you have the following rights:
Everyone (where applicable)
- Access — get a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Deletion — ask us to delete your data (the "right to be forgotten").
- Restriction — limit how we use your data while a dispute is resolved.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interest or direct marketing.
- Withdraw consent — at any time, without affecting prior processing.
California residents (CCPA / CPRA)
- Right to know what we collect, use, and share.
- Right to delete your personal information.
- Right to correct inaccurate information.
- Right to opt out of "sale" or "sharing" of personal information — note that we do not sell or share personal information for cross-context behavioral advertising.
- Right to non-discrimination for exercising your rights.
To exercise any right, email info@botlib.ai with subject line "Privacy request". We respond within 30 days (or as required by applicable law). We may ask for proof of identity to protect your data.
If you believe we have not handled your request adequately, you can lodge a complaint with your data protection authority — for example, the CNIL in France (cnil.fr), the ICO in the UK, or your state attorney general in the USA.
§ 10AI agents — special notes
Our agents (Atlas, Echo, Rhea, Nova, Orion) process data on behalf of the businesses that deploy them. Please read carefully:
What an agent may process
- Voice recordings and transcripts of phone calls (Atlas).
- Text messages, emails, and form submissions from end-users.
- Caller phone numbers, names, appointment times.
- Conversation history within a single session.
How we keep it safe
- We do not use end-user conversations to train AI models — ours or any third party's.
- Voice and text data sent to ElevenLabs and Anthropic is processed under their respective enterprise data agreements (zero retention by default, where supported).
- By default, conversation logs are retained 30 days for support and quality purposes, then deleted.
- End-users of an agent (e.g., the people calling Atlas) are informed at the start of each call that they are speaking with an AI assistant and that the call may be recorded.
§ 11How we protect it
- All data in transit is encrypted with TLS 1.2+.
- Production secrets are stored in encrypted vaults, never in code.
- Access is limited to authorized personnel on a need-to-know basis.
- Regular security reviews of our infrastructure and processors.
- Multi-factor authentication required for staff accounts.
No system is impenetrable. In the unlikely event of a breach affecting your data, we will notify you and the relevant authorities within 72 hours, as required by GDPR.
§ 12Children
Our Services are not directed at, or intended for, children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it.
§ 13Changes to this policy
We may update this Privacy Policy from time to time. When we do, we update the "Last updated" date at the top. If the changes are material, we will notify you by email or via a prominent notice on the site at least 30 days before they take effect.
The current version always supersedes prior versions. You can request a copy of a prior version by emailing us.
§ 14Contact & data protection
For any privacy question, complaint, or rights request, contact us:
Newark, DE 19702, USA
For EU-related matters, you can also lodge a complaint with the data protection authority of your country of residence. A list is maintained by the European Data Protection Board at edpb.europa.eu.