Privacy Policy

Last updated: February 15, 2026

1. Introduction

nocodetalks ("we", "us", "our") operates ChaseBot (the "Service") at chasebot.co. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using ChaseBot, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We may collect the following types of information:

  • Account information: Email address, name, and password (hashed) when you create an account.
  • Billing information: Payment is processed by DoDo Payments. We do not store full card numbers; we may store billing-related identifiers (e.g. DoDo customer ID) to manage your subscription.
  • Integration data: When you connect Xero or Gmail, we receive and store data necessary to provide invoice reminders (e.g. invoice details, contact emails, and email/SMS delivery status). We use this only to operate the Service.
  • Usage and logs: Logs of API requests, errors, and general usage to run and improve the Service.
  • Communications: If you contact us, we may keep records of that correspondence.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve ChaseBot.
  • Send automated invoice reminders (email and SMS) on your behalf.
  • Process payments and manage your subscription.
  • Respond to your requests and support inquiries.
  • Send service-related notices (e.g. security or policy updates).
  • Comply with legal obligations and enforce our terms.

4. Cookies and Similar Technologies

We use cookies and similar technologies (e.g. local storage) to keep you signed in, remember preferences, and understand how the Service is used. You can control cookies through your browser settings; disabling them may affect certain features.

5. Third-Party Services

We use trusted third parties to operate the Service. Each has its own privacy practices:

  • Supabase: Authentication and database (data stored in accordance with their privacy policy and our configuration).
  • DoDo Payments: Payment processing; payment data is governed by DoDo Payments' privacy policy.
  • Xero: When you connect Xero, we access invoice and contact data per Xero's API terms and your authorisation.
  • Gmail / Google: Used to send reminder emails when you connect Gmail; subject to Google's privacy policy.
  • SMS providers: We use third-party providers to send SMS reminders; message content and phone numbers are processed as necessary to deliver messages.
  • Simple Analytics: We use Simple Analytics for privacy-friendly website analytics. Simple Analytics does not use cookies, does not collect personal data, and is fully GDPR compliant. Only aggregated, non-personal page-view and referrer data is collected to help us understand how the Service is used.

6. Sharing, Transfer, and Disclosure of Google User Data

When you connect your Google account (e.g. Gmail) to ChaseBot, we access Google user data solely to send invoice reminder emails on your behalf. We handle this data as follows:

  • No selling: We do not sell your Google user data to any third party.
  • No advertising: We do not use your Google user data for advertising, retargeting, or any purpose unrelated to providing the Service.
  • Limited sharing: We share Google user data only with the following third-party service providers, and only as necessary to operate the Service:
    • Supabase, to securely store your authentication tokens and email delivery status.
  • No other transfers or disclosures: We do not transfer, disclose, or otherwise make Google user data available to any other third parties, except where required by law (e.g. in response to a valid legal request such as a subpoena or court order).

ChaseBot's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

7. Data Retention and Security

We retain your information for as long as your account is active or as needed to provide the Service, comply with law, or resolve disputes. We implement appropriate technical and organisational measures (including encryption in transit and at rest where applicable) to protect your data. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have rights to access, correct, delete, or port your personal data, or to object to or restrict certain processing. To exercise these rights, contact us at the email below. If you are in the EEA or UK, you also have the right to lodge a complaint with a supervisory authority.

You can delete your account and associated data from your account settings or by requesting deletion from us.

9. International Transfers

Your information may be processed in countries where we or our service providers operate. We ensure appropriate safeguards (e.g. standard contractual clauses or equivalent) where required by applicable law.

10. Children

ChaseBot is not directed at individuals under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal data, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the revised policy. Material changes may be communicated by email or a notice in the Service.

12. Contact Us

For questions about this Privacy Policy or our data practices, contact us at: ankur@nocodetalks.co. nocodetalks is the data controller for ChaseBot.