Intendr

Privacy Policy

Effective Date: January 1, 2026

Intendr ("Intendr," "we," "us," or "our") operates the Intendr platform, an AI-powered customer engagement suite that includes chat agent services, voice agents, live chat, lead capture funnels, visitor tracking, and identity resolution (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our Service, whether as a business customer ("Customer") or as an end-user interacting with a Customer's chat agent or voice agent ("End-User").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Account Information (Customers)

When you create an Intendr account, we collect your name, email address, and password. If you sign in through a third-party provider such as Google or GitHub, we receive your name, email address, and profile image from that provider. We also store your organizational role (owner, admin, or member) and organization association.

1.2 Conversation Data

We store the content of chat messages exchanged between End-Users and AI chat agents, as well as messages during live agent sessions. Each conversation record includes metadata such as the page URL where the chat was initiated, the referring URL, browser user-agent string, the End-User's approximate geographic location derived from their IP address (country and city), and any UTM campaign parameters present in the URL.

1.3 Lead and Funnel Data

When an End-User completes a lead capture funnel, we collect the information they provide, which may include name, email address, phone number, and any other fields the Customer has configured. This data is stored in association with the relevant chat agent and conversation.

1.4 Voice Call Data

If a Customer uses our voice agent feature, we process call audio through our telephony partner (ElevenLabs). Call transcripts and metadata, including call duration and phone numbers, may be stored depending on the Customer's privacy settings. Customers may enable voice recording, set retention periods, or activate zero-retention mode, in which transcripts and audio are deleted after processing.

1.5 Visitor Tracking and Identity Data

Customers may deploy our tracking pixel on their websites. When enabled, this pixel collects:

  • Browser and device data: user-agent string, screen resolution, timezone, preferred language, operating system, and device type.
  • Device fingerprinting data: canvas rendering fingerprint, WebGL renderer fingerprint, installed font detection, and audio context fingerprint. These are used to create a unique device identifier to recognize returning visitors across sessions.
  • Browsing behavior: pages visited (URL and title), referring URLs, time spent on each page, and scroll depth.
  • IP addresses: collected for approximate geolocation and, where enabled by the Customer, for identity resolution purposes.

This information is compiled into identity profiles that allow Customers to understand visitor behavior and recognize returning visitors. Duplicate profiles may be automatically merged based on matching email addresses, phone numbers, or device fingerprints.

1.6 IP-Based Identity Resolution

When enabled by a Customer, we may use a third-party data partner to resolve IP addresses to additional identity information, which may include name, mailing address, phone number, email address, and demographic data (such as age range, household size, and estimated income range). This feature is optional and controlled entirely by the Customer.

1.7 Training Documents

Customers upload documents (PDF, DOCX, TXT, Markdown, EPUB, or HTML files) and provide website URLs to train their chat agents. We process and store the text content of these documents to power AI responses. Uploaded files are subject to a 10 MB size limit per file.

1.8 Usage and Analytics Data

We track token usage (prompt and completion tokens) for AI-generated responses and telephony minutes for voice calls. Customers may optionally connect their Google Analytics 4 property, in which case we send engagement events (such as chat started, funnel completed, lead submitted, and call completed) to their GA4 account via the Measurement Protocol.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Authenticate users and manage account access.
  • Power AI chat agent and voice agent conversations using the Customer's training content and conversation history.
  • Capture and deliver leads to Customers through configured funnels and webhooks.
  • Build and maintain visitor identity profiles for Customer use.
  • Send transactional emails, including password reset messages.
  • Monitor usage, enforce rate limits, and prevent abuse.
  • Improve the Service and develop new features.

3. Third-Party Services

We share information with the following categories of third-party service providers, strictly as necessary to operate the Service:

  • AI Model Providers (OpenAI, Anthropic): Conversation messages and training document context are sent to these providers to generate AI responses. These providers process data according to their own privacy policies and data processing agreements.
  • Voice Agent and Telephony (ElevenLabs): Call audio, transcripts, and voice agent knowledge base content are processed by ElevenLabs to power voice agents.
  • Email Delivery (SendGrid): We use SendGrid to send transactional emails such as password reset messages. Only the recipient's email address and the message content are shared.
  • Identity Resolution Data Partner: When a Customer enables IP-based identity resolution, IP addresses are sent to our data partner for lookup. The data partner returns associated identity information.
  • Geolocation and Mapping (Google Maps Platform): We use Google Maps APIs for address geocoding and place autocomplete features.
  • Analytics (Google Analytics 4): When configured by the Customer, engagement events are sent to the Customer's own GA4 property.
  • Database Hosting (MongoDB Atlas): All application data is stored in MongoDB Atlas cloud database infrastructure.

4. Cookies and Tracking Technologies

The Intendr platform itself does not use traditional browser cookies for tracking. Instead, we use:

  • Local Storage: A visitor identifier is stored in the browser's local storage to recognize returning visitors across sessions.
  • Session Storage: A session identifier is stored to group page views and interactions within a single browsing session.
  • Device Fingerprinting: As described in Section 1.5, our tracking pixel may generate a device fingerprint from browser characteristics to identify returning visitors even when local storage has been cleared.
  • HTTP Cookies: We use a single HTTP cookie for administrative session impersonation purposes, which is applicable only to platform administrators.

5. Customer Webhooks and Data Transmission

Customers may configure webhook URLs to receive lead data, funnel completions, and other event notifications. When a webhook is triggered, collected data (including lead information, conversation metadata, and optionally chat history) is transmitted to the Customer's designated endpoint. Intendr is not responsible for how Customers handle data received through webhooks.

6. Data Retention

  • Account data is retained for as long as the Customer's account remains active.
  • Conversation and message data is retained indefinitely unless the Customer has enabled zero-retention mode for a chat agent, in which case messages are not persisted after the conversation ends.
  • Voice call data retention is configurable by the Customer, including options for automatic deletion after a specified number of days or immediate zero-retention processing.
  • Identity profiles and visitor tracking data are retained for as long as the Customer's account is active.
  • Training documents are retained until deleted by the Customer.

7. Data Security

We implement industry-standard security measures to protect your data, including:

  • Passwords are hashed using bcrypt before storage.
  • Authentication tokens are signed using secure secrets and transmitted over HTTPS.
  • API keys for chat agent widgets are unique and scoped to individual chat agents.
  • Domain allowlisting restricts where chat agent widgets can be embedded.
  • Role-based access control limits data access within organizations.

While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to any legal retention requirements.
  • Data Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing activities, including profiling.

For End-Users: If you have interacted with a chat agent or voice agent operated by an Intendr Customer and wish to exercise any of these rights, please contact the Customer directly, as they are the data controller for your information. The Customer may then instruct us to fulfill your request.

For Customers: To exercise any of these rights, please contact us at [email protected].

9. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us at [email protected].

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and third-party service providers are located. By using the Service, you consent to such transfers. We take reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Effective Date" at the top of this page and, where appropriate, notify Customers by email. Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Intendr
Email: [email protected]