GetSupportX
Legal

Privacy Policy

Last updated June 1, 2026

These documents are templates provided for general information and site completeness — they are not legal advice. Please consult your own counsel before relying on them. The definitive terms that apply to your account are those in the agreement you sign with GetSupportX, Inc.

This Privacy Policy explains how GetSupportX, Inc. ("GetSupportX", "we", "us") collects, uses, shares and protects personal data when you visit our website, create an account, or use the GetSupportX customer support platform (the "Service").

We act in two different roles. For the account, billing and website data of our business customers and visitors, we are a data controller. For the support content our customers process through the Service on behalf of their own end users (the people who contact our customers for support), we act as a data processor — our customer is the controller and decides why and how that data is processed.

Data we collect

We collect the following categories of personal data, depending on how you interact with us:

  • Account data — name, work email, password hash, workspace and role, and the company you represent.
  • Billing data — plan, seat count, billing contact and the limited transaction metadata returned by our payments provider. We do not store full card numbers.
  • Usage and device data — log data, IP address, browser and device type, pages viewed and feature interactions, used to operate, secure and improve the Service.
  • Support content — the messages, attachments, contact records, knowledge-base articles and conversation history our customers and their end users create in the Service. We process this on our customers' instructions.
  • Cookies and similar technologies — small identifiers used for sign-in sessions, preferences and privacy-preserving analytics (see our Cookie Policy).
  • Communications — messages you send to our sales, support or success teams.

How we use data

We use personal data to provide, secure, maintain and improve the Service, including to:

  • Create and administer accounts, authenticate users and provision seats.
  • Operate core support features — inbox, chat, knowledge base, automation and reporting.
  • Provide AI features that are grounded in a customer's own knowledge base and conversations.
  • Process payments, manage subscriptions and send service and billing notices.
  • Detect, prevent and respond to fraud, abuse and security incidents.
  • Provide customer support and respond to your requests.
  • Send product updates and marketing where permitted, which you can opt out of at any time.

AI features are knowledge-base grounded. Customer data is not used to train shared or third-party foundation models. Any model used to serve a customer is given only that customer's content at inference time, and outputs are returned only to that customer's workspace.

Sharing and subprocessors

We do not sell personal data. We share data only with service providers (subprocessors) who help us deliver the Service — such as cloud hosting, email delivery, error monitoring, content delivery, payments and AI inference — under contracts that require appropriate confidentiality and security.

Our current subprocessors are listed on our Subprocessors page. We may also disclose data to comply with the law, enforce our terms, or protect the rights, property or safety of our users and the public.

International transfers

We operate globally and may transfer personal data to countries other than your own, including the United States. Where we transfer data out of the European Economic Area, the United Kingdom or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Addendum.

Data retention

We retain account and billing data for as long as your account is active and as needed to comply with legal, tax and accounting obligations. Support content is retained according to the retention settings of your plan and your own configuration, after which it is deleted or anonymized. Backups are retained on a rolling basis and expire automatically.

Security

We apply administrative, technical and organizational measures appropriate to the risk, including encryption in transit, encryption at rest, per-workspace data isolation, least-privilege access controls, audit logging, and regular review of our security posture. No method of transmission or storage is perfectly secure, but we work continuously to protect your data.

Your rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Erase your data, subject to legal retention requirements.
  • Port your data to another service in a structured, machine-readable format.
  • Object to or restrict certain processing, including direct marketing.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

To exercise these rights, contact us at [email protected]. If your data is processed by one of our customers as a controller (for example, you contacted a business that uses GetSupportX for support), please direct your request to that business; we will assist them as their processor.

Children

The Service is a business tool and is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes we will update the date above and, where appropriate, notify you. Your continued use of the Service after an update means you accept the revised policy.

Contact us

For privacy questions or to exercise your rights, email [email protected] or write to GetSupportX, Inc., 2261 Market Street, San Francisco, CA 94114, USA.