Legal
Privacy Policy
Last updated: July 1, 2025
At MendDesk, your privacy matters. This policy explains what data we collect when you use our AI customer support platform, why we collect it, and how we protect it. We are committed to transparency and never sell your data.
1. Information We Collect
We collect information you provide directly, including your name, email address, and password when you register. When you connect knowledge sources or helpdesk integrations, we store the credentials (encrypted) and content needed to power your AI support agent. We also automatically collect usage data such as pages visited, conversations handled, IP address, browser type, and timestamps to operate and improve the Service.
2. How We Use Your Information
We use the information we collect to: (a) provide, maintain, and improve the MendDesk AI support platform; (b) authenticate your identity and secure your account; (c) train and operate your AI support agent on your authorized data; (d) send transactional emails such as password resets and daily summaries; (e) respond to support requests; (f) detect and prevent fraud or abuse; and (g) comply with legal obligations. We do not use your data for advertising or sell it to third parties.
3. Customer Conversation Data
Conversations between your customers and the MendDesk AI agent are processed solely to provide support on your behalf. Conversation data is stored securely and is accessible only to you and authorized team members. We do not use your customers' conversation content to train models for other customers without your explicit consent.
4. Knowledge Base and Integration Data
Documents, tickets, and data synced from your connected sources (helpdesks, wikis, product databases) are encrypted at rest using AES-256 and in transit using TLS. We process this data solely to power your AI support agent's responses and actions. We do not access your data for any purpose other than providing the Service to you.
5. Data Sharing
We do not sell your personal data. We may share data with: (a) service providers who help us operate the platform (hosting, monitoring, email delivery, AI inference), each bound by confidentiality obligations; (b) law enforcement or regulators when required by law; or (c) a successor entity in the event of a merger, acquisition, or sale of assets, with notice to you.
6. Cookies and Tracking
We use session cookies for authentication and preference cookies to remember your settings. We use analytics cookies to understand how the Service is used in aggregate. You can control cookies through your browser settings; disabling authentication cookies will prevent you from signing in.
7. Data Security
We implement industry-standard security measures including encryption at rest and in transit, access controls, and regular security reviews. No method of transmission over the internet is 100% secure. You are responsible for maintaining the security of your account credentials and for notifying us of any suspected breach.
8. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law. Integration credentials are deleted immediately upon account deletion or connection removal.
9. Your Rights
Depending on your jurisdiction, you may have the right to: access the personal data we hold about you; correct inaccurate data; request deletion of your data; object to or restrict certain processing; and data portability. To exercise these rights, contact us at privacy@menddesk.com. We will respond within 30 days.
10. International Transfers
Your data may be processed in countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by relevant data protection authorities.
11. Children's Privacy
The Service is not directed at children under the age of 16. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a prominent notice in the Service at least 14 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact our privacy team at privacy@menddesk.com.