Privacy Policy

We collect the information you provide directly — account details, the contents of conversations you route through Chimes, and the configuration of your workspace — along with limited technical data needed to operate the service securely.

Personally identifiable information is encrypted at rest with AES-256-GCM via your KMS adapter, and a typed redactor scrubs PII before anything reaches an operational log.

We use your data to deliver and improve the service you asked for: resolving interactions, grounding answers, and surfacing the signals you've configured. We do not sell your data, and we do not use your customers' conversations to train models for other customers.

You can export or delete your data at any time. If you self-host the open-source core, your data never leaves your infrastructure — identity, secrets, and storage run behind providers you control.

We retain data for as long as your workspace is active or as required to provide the service and meet legal obligations. On termination, we delete or return your data according to your agreement and applicable law.

Questions about this policy or a privacy request? Reach us through the contact page and we'll respond promptly.