Privacy Policy

Last updated: April 3, 2026

1. Who we are

Ticket0 ("we", "us", "our") is an AI-powered customer service platform. This policy explains how we handle data when you use our platform at ticket0.ai and any associated services.

2. Data we collect

Account data

When you create an account, we collect your name, email address, and workspace information. If you subscribe to a paid plan, our payment processor (Stripe) handles billing details — we do not store credit card numbers.

Customer support data

Ticket0 processes inbound support emails and chat messages on your behalf. This includes sender information, message content, and any attachments. This data belongs to you — we process it solely to provide the service.

Usage data

We collect basic usage analytics: pages visited, features used, and performance metrics. We do not use third-party trackers or advertising cookies.

3. How we use your data

  • Provide the service — route emails, power AI responses, manage your knowledge base.
  • Improve the platform — understand usage patterns, fix bugs, develop features.
  • Communicate with you — account notifications, service updates, and support.
  • Billing — process payments and manage subscriptions through Stripe.

4. AI processing & BYOK

Ticket0 uses AI to draft responses, classify tickets, and power knowledge base retrieval. With our Bring Your Own Key (BYOK) architecture, AI requests are sent directly to your chosen provider (OpenRouter, Anthropic, OpenAI, Google) using your API keys.

We do not train AI models on your data. Your support conversations are never used to train, fine-tune, or improve any AI model — ours or third-party.

Your API keys are encrypted at rest using AES-256 and are never logged or exposed. Each AI provider has their own data handling policies — we recommend reviewing them when connecting your keys.

5. Data storage & security

  • Data is stored in PostgreSQL databases hosted in the EU (Neon, AWS eu-central-1).
  • All connections are encrypted in transit (TLS 1.2+).
  • API keys are encrypted at rest with AES-256.
  • Access to production systems is restricted and audit-logged.
  • We perform regular backups with point-in-time recovery capability.

6. Data sharing

We do not sell your data. We share data only with:

  • Infrastructure providers — hosting, database, and email delivery services necessary to operate the platform.
  • AI providers — only when you configure BYOK keys, and only the data needed to generate responses.
  • Payment processor — Stripe, for billing purposes only.
  • Legal requirements — if required by law, court order, or to protect our legal rights.

7. Data retention

We retain your data for as long as your account is active. When you delete your account, we remove your data within 30 days, except where we're legally required to retain it. Backups are purged on their natural rotation cycle (up to 30 days after deletion).

8. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Object to or restrict certain processing.
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at privacy@ticket0.ai.

9. Cookies

We use essential cookies only — session authentication and workspace selection. We do not use advertising, tracking, or analytics cookies. No cookie consent banner is needed because we don't use non-essential cookies.

10. Changes to this policy

We may update this policy as our practices evolve. We'll notify you of material changes via email or in-app notification. Continued use of Ticket0 after changes constitutes acceptance.

11. Contact

Questions about this policy? Reach us at privacy@ticket0.ai.