Privacy Policy
Support.ng is operated by Bolrach Technologies. This policy explains what we collect, why we collect it, and the choices you have. It covers our website, the Support.ng console, the chat widget, the customer portal and our voice services. Where our business customers use Support.ng to serve their own customers, the business is the data controller and we process data on its instructions.
Data we collect
- Account data: your name, work email and workspace details, received through auth.ng sign-in. We do not store your password.
- Conversation data: tickets, chats, emails, social messages, call recordings and transcripts created while using the platform.
- Customer records our business users create: names, contact details, orders and notes about their own customers.
- Usage data: device, browser, pages visited, feature usage and diagnostic logs that help us keep the service reliable.
- Billing data: plan, invoices and payment status. Card details are handled by our payment processors and never stored by us.
How we use it
- To provide the service: routing conversations, powering AI suggestions from approved knowledge, and connecting calls.
- To keep it safe: fraud prevention, abuse detection, audit trails and security monitoring.
- To improve it: aggregated, de-identified analytics about performance and feature use.
- To communicate: service notices, billing messages and, with your consent, product updates you can opt out of at any time.
AI features answer only from knowledge a workspace has approved. We do not sell personal data, and we do not use one customer's private data to serve another customer.
Your rights (NDPA and GDPR)
Under the Nigeria Data Protection Act and, where applicable, the GDPR, you can request access to your personal data, correction, deletion, a portable export, or restriction of processing. Business users can serve these rights for their own customers with built-in export and erasure tools. To exercise a right, open a ticket from your console or the contact page, and we will respond within the statutory timelines.
Retention
Conversation data is retained according to your workspace plan and settings, then deleted or anonymised. Call recordings follow the retention window each workspace configures. Backups expire on a rolling schedule. When a workspace is closed, its data is deleted after a short recovery period, except records we must keep for legal or accounting reasons.
Processors and sharing
We use a small set of infrastructure providers for hosting, content delivery, payments, messaging channels and AI model inference, each bound by data-processing terms. We share personal data only with these processors, with a workspace's authorised members, or where the law requires it. A current processor list is available on request via ticket.
Security
Traffic is encrypted with TLS, data is encrypted at rest, workspaces are isolated with row-level security, sensitive fields are masked, and every significant action is audit-logged. Read more on our security page.
Contact
Questions about this policy or a privacy request: open a ticket from the contact page. Privacy tickets route to our data protection team with priority.