Legal — Privacy & Terms of Service

This Privacy Policy ("Policy") details our rigorous standards for data protection and transparency. At Bothive, we view privacy not as a compliance checkbox, but as a technical requirement for enterprise-grade AI automation.

1. THE DATA HIERARCHY

To operate the Pulse Engine and HiveLang runtime, we categorize data as follows:

Credential Data: OAuth tokens, API keys, and secret identifiers. These are stored in a hardware-isolated vault and are never accessible via our standard application logs.
Interaction Data: The "Neural Path"—a record of chat sessions, system prompts, and Agent execution logs. This is used exclusively for state management and context window persistence.
Environment Data: Metadata regarding your workspace configuration, team members, and integration status.

2. NEURAL NETWORK PROCESSING & LLMs

Bothive acts as an orchestration layer between your Agents and Large Language Models (LLMs) such as OpenAI-o1, Claude 3.5, and Llama 3.1.

No Training: Bothive does NOT use your private system prompts or proprietary HiveLang scripts to train generalized AI models. Your code is *your* intellectual property.
Zero-Retention Claims: While we enforce encryption, you acknowledge that underlying LLM providers (e.g., OpenAI) may have their own data retention policies. Bothive is not responsible for the privacy practices of external AI providers.
Prompt Injection Logs: We log failed or malicious prompt attempts to protect the integrity of the platform and prevent jailbreaking.

3. ENCRYPTION & DATA SOVEREIGNTY

Technical Assurance

TRANSIT: TLS 1.3 | AT REST: AES-256-GCM (BIP-39 Derived Salt)
DATABASE: Supabase / PostgreSQL RLS (Row Level Security)
ISOLATION: Per-Tenant Virtual Private Cloud (VPC)

4. THIRD-PARTY DATA FLOW

We share information only with a verified subset of "Essential Processors":

PARTNER	PURPOSE
Supabase Inc.	Infrastructure, Identity, Core Storage.
OpenAI / Anthropic	LLM Inference & Agent Reasoning.
Hivelocity	Bare-metal rendering & compiler execution.
Stripe Payments	Marketplace transactions & AML compliance.

5. COOKIES & TRACKING TECHNOLOGIES

BotHive utilizes "Technical Only" tracking. We do not use third-party advertising trackers or pixel identifiers.

Session Cookies: Temporarily stored within your browser for authentication persistence.
LocalStorage: Used to remember your dashboard layout preferences and sidebar state.
Telemetry: We use anonymized Vercel Telemetry to detect system bottlenecks and 500-level errors.

6. YOUR RIGHTS & DATA DELETION

Under GDPR (Article 17) and CCPA, you possess the "Right to be Forgotten." Upon request, Bothive will purge all interaction history and credentials from our active databases within thirty (30) days.

Note: Backups may persist for up to ninety (90) days but are stored in an encrypted, offline state.

7. LEGAL & GOVERNMENTAL DISCLOSURE

Bothive will only disclose user data to law enforcement if required by a valid, binding subpoena or court order. We will notify you of any such request unless legally prohibited from doing so.

8. CONTACT OUR DPO

For inquiries concerning your data or the exercise of your rights:
privacy@bothive.com

DPO_ASSIGNMENT: SEC-B-991
POLICY_ID: PRV-V5-FINAL
LAST_AUDIT: FEB_2026

Privacy Policy

Privacy Pillars