Privacy Policy
1. Introduction
PROXYGIST LLC, doing business as LOOP (“LoopHQ,” “we,” “us,” or “our”), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our Service.
This policy applies to:
- The LoopHQ website (loophq.dev)
- The LoopHQ dashboard and application
- The LoopHQ chat widget embedded on your website
- The LoopHQ WordPress plugin
- Conversations that reach a Loop agent through connected messaging channels (e.g., Facebook Messenger)
By using the Service, you consent to the data practices described in this policy. Please also review our Terms of Service, Usage Policy, Cookie Policy, AI Interaction Notice, and Sub-Processors list.
2. Service Availability and Geographic Scope
LoopHQ is operated from the United States and is offered to customers located in the United States. We do not actively market the Service to residents of the European Union, the United Kingdom, or other jurisdictions outside the United States.
Our customers may operate websites that are accessible globally, and their visitors may interact with a Loop agent from anywhere in the world. When a visitor outside the United States interacts with a Loop agent embedded on a customer’s site, the customer (as the business operating that site) acts as the data controller for the visitor’s information under applicable foreign privacy laws, and LoopHQ acts as a data processor on the customer’s behalf. The customer is responsible for any region-specific obligations (for example, GDPR consent banners or cookie notices on their own website).
Because we do not target users outside the United States and we do not engage in cross-context behavioral advertising, we do not currently display a cookie consent banner on loophq.dev. See our Cookie Policy for full details on the limited storage we do use.
Where applicable law grants visitors rights regardless of our targeting (for example, GDPR Article 3(2) for monitoring of behavior within the EU), we honor those rights. See Section 14 (Your Privacy Rights) and Section 11 (Visitor Data Subject Request Process).
3. Information We Collect
3.1 Information You Provide
- Account Information: Email address and password when you create an account, or a passwordless magic link sent to your email. Your password is encrypted and managed by our authentication service. We do not store passwords in plaintext.
- Business Profile: Business name, legal name, industry, business sub-type, team size, website URL, and website platform — provided during onboarding or in your account settings.
- Agent Configuration: Agent display name, agent purpose, custom AI instructions, welcome messages, popup messages, branding preferences, response behavior settings, lead-scoring rules and custom labels, booking link configurations, custom legal links, and (on applicable plans) custom CSS and custom domain configuration.
- Knowledge Base Content: Documents (PDFs, text files), Q&A entries, and website URLs you upload to train your AI agent. When you submit a URL, the publicly available text of that URL is extracted by a third-party scraping service and stored in your knowledge base.
- Billing Information: Billing name, billing email, billing address, tax identification number (if applicable), and payment method metadata (card brand, last four digits, expiration). Full payment details are processed and stored by Stripe, our payment processor. We do not store full card numbers.
- Team Information: Email addresses of team members you invite, their assigned role (owner, admin, or member), and the user ID of each member after they accept an invitation.
- Notification and Display Preferences: Your notification settings (per-event toggles and per-project mutes), your handoff display name (the name shown to visitors when you join a live conversation), and your dashboard preferences.
- Integration Credentials: When you connect third-party integrations (e.g., HubSpot, GoHighLevel, Google Calendar, Facebook Messenger), we store the OAuth tokens, API keys, selected resources (calendar ID, Facebook Page ID), and configuration necessary to operate each integration.
- Automation Configuration: Webhook URLs, selected event types, webhook signing secrets, and automation rules you configure.
- Enterprise Inquiries: If you submit an enterprise inquiry form, we collect company name, role, company size, industry, use case details, requested plan parameters, timeline, budget, and contact information.
- Support Communications: Messages and feedback you send to our support team, including any attachments you choose to include.
- Billing and Account Audit Data: For security and fraud prevention, we maintain an audit log of billing-relevant actions, which records the acting user, IP address, before/after states, and related event identifiers.
3.1.1 Google API Services User Data Policy Disclosure
LoopHQ’s use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- We only request the minimum permissions necessary (Google Calendar read/write scopes for appointment scheduling)
- We use Google user data solely to provide the calendar scheduling features you enable in your LoopHQ dashboard
- We do NOT transfer Google user data to third parties, except as necessary to provide user-facing features with your consent, for security purposes, or to comply with applicable law
- We do NOT use Google user data for advertising, including retargeting or personalized ads
- We do NOT allow humans to read your Google user data unless you have given affirmative consent, it is necessary for security purposes, or it is required by law
- We do NOT use Google user data to train generalized AI or machine learning models
You can disconnect your Google account at any time from your LoopHQ dashboard under the Integrations settings. Disconnecting revokes our access and removes your stored credentials from our systems.
3.2 Automatically Collected Information
- Usage Data: Pages visited, features used, and actions taken within the LoopHQ dashboard.
- Device and Connection Information: IP address, browser type and version, and operating system.
- Page Analytics: Page views and interaction data collected through our hosting provider’s built-in, non-cookie-based analytics.
- Rate-Limit Data: We use a transient cache to record recent IP addresses and visitor identifiers in order to enforce abuse-prevention limits. This data is retained only briefly and is used solely to protect the Service from automated abuse.
We do NOT use third-party tracking cookies or advertising pixels. See our Cookie Policy for full details.
3.3 Visitor Data Collected Through Your Chatbot
Important distinction: When your website visitors interact with your Loop chatbot, the following data may be collected on your behalf:
- Contact information: Name, email address, and phone number, captured through one of the lead-capture methods enabled in your agent’s configuration.
- Conversation content: The full message history between your visitor and your AI agent, including any files, links, or structured data shared during the conversation.
- Session information: Anonymous visitor session identifiers, the channel source (widget, Facebook Messenger, or future channels), and browser information.
- Presence signals: Typing indicators and engagement state (transiently broadcast to support the live-chat experience).
- AI-derived analytical signals: Categorical signals about the conversation (such as lead quality, sentiment, urgency, and topics) generated by our AI systems to help the operating business understand and serve the visitor. See Section 5 (Automated Decision-Making).
- Booking details: If the AI books an appointment on the operating business’s calendar, the visitor’s name and email are included as calendar-event attendee information.
- Visitor IP address: Collected transiently for rate-limit enforcement (see Section 3.2).
For this visitor data, the business operating the agent is the data controller and LoopHQ acts as a data processor. The operating business is responsible for disclosing LoopHQ’s role in its own privacy policy and for obtaining any consents required by applicable law in the visitor’s jurisdiction.
3.4 Messaging Platform Data (Facebook Messenger and Future Channels)
Facebook Messenger is currently supported on applicable plans. Additional messaging channels — including Instagram DM, WhatsApp, and SMS — are planned for future release. When you connect any messaging channel, the data practices described in this section apply, and you are subject to the underlying platform’s terms and our Usage Policy.
When you connect a messaging channel, additional data is collected through that platform:
- Platform user identifiers: Page-Scoped User IDs (PSIDs) for Facebook Messenger. When Instagram DM and WhatsApp are introduced, equivalent platform-scoped identifiers (IGSIDs for Instagram, WhatsApp phone numbers) will be collected. These identifiers are unique per-user-per-page assignments and cannot be used to identify users across different pages or platforms.
- Message content: Text messages, media (images, files), and interaction data (button clicks, quick replies) exchanged between your customers and your AI agent through these channels.
- User profile data: Name and profile picture as provided by the platform to identify the sender in your conversation dashboard. Profile pictures may be cached in our storage to remain available alongside the conversation, and are removed when the underlying conversation is deleted.
- Page connection details: Which Facebook Page (or in the future, Instagram account or WhatsApp number) the conversation is associated with, and OAuth credentials for sending replies on your behalf.
How we use messaging data: Messaging data is used solely to deliver AI-powered responses to your customers, display conversations in your LoopHQ dashboard, power the analytics and AI-derived signals described in Section 3.3, and qualify leads. We do NOT access users’ friends lists, personal Facebook/Instagram profiles, photos, or any data beyond the conversation itself.
Data controller: As with web widget visitor data (Section 3.3), you are the data controller for messaging data collected through your connected channels. LoopHQ acts as a data processor. Conversations through Meta-owned platforms are also subject to Meta’s Privacy Policy.
Data retention: Messaging conversation data follows the same retention principles as web widget conversations (see Section 10).
Data deletion: When a user requests deletion of their data through Meta, we process the request and remove all associated conversation data. You can also delete conversations from your LoopHQ dashboard at any time. See Section 11 for the full deletion request process.
4. How We Use Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process payments, manage subscriptions, issue invoices, and calculate taxes
- Generate AI-powered chatbot responses using your knowledge base content
- Analyze conversations to produce AI-derived analytical signals that help the operating business understand visitor intent (see Section 5)
- Send proactive follow-up messages to visitors who appear to have disengaged from a conversation (see Section 6)
- Send transactional communications (lead alerts, handoff notifications, booking confirmations, billing notifications, system updates, and — on applicable plans — daily digest emails)
- Push lead information to connected CRM, automation, or webhook endpoints when you configure those integrations
- Detect and prevent fraud, abuse, and security incidents
- Analyze usage patterns to improve user experience
- Enforce our Terms of Service and Usage Policy
- Comply with legal obligations
We do NOT use your information for targeted advertising, and we do NOT sell or share personal information for cross-context behavioral advertising. See our Do Not Sell or Share notice.
5. Automated Decision-Making
Loop applies automated analysis to conversations in order to help the operating business understand visitor intent and respond appropriately. These automated signals, generated by AI systems, may include categorical assessments of:
- Lead quality, drawing on the conversation and any rules the operating business has configured
- Visitor sentiment
- Urgency
- Conversation topics and context
These signals are used internally by the Service and are visible to the operating business in its dashboard. They do not independently cause legal effects on visitors (they do not, for example, deny service, approve credit, or execute transactions without human involvement). They are decision-support signals for the operating business.
Right to human review: If an automated signal produced by Loop has been used in a way that you believe produced a significant effect on you (for example, you believe you were excluded from a service offering based solely on a lead score), you may request that the operating business review the outcome with a human. You may also contact us at privacy@loophq.dev and we will assist in routing your request to the operating business.
No adverse automated decisions by Loop: Loop itself does not use these signals to make adverse automated decisions about individual visitors without human involvement.
6. Proactive AI Communications
Loop agents may send unsolicited follow-up messages during a conversation if the system detects that a visitor may benefit from a gentle nudge. Proactive messaging is subject to internal frequency limits and cooldowns designed to protect visitor experience, with channel-appropriate behavior across the channels we support.
Visitor opt-out: Visitors can stop receiving proactive messages by closing the chat widget, by not responding on messaging platforms, or (where the channel supports it) by sending standard opt-out keywords. On messaging platforms, the underlying platform’s messaging policies and opt-out mechanisms apply.
Customer responsibility: The business operating the agent is responsible for ensuring proactive messaging is appropriate for its audience and its jurisdiction, and for complying with any applicable messaging or consent laws (e.g., TCPA for SMS in the United States). See our Usage Policy for additional requirements.
7. Legal Basis for Processing (GDPR)
For users who are nevertheless subject to the GDPR or UK GDPR (see Section 2), we process personal data based on the following legal grounds:
- Contractual Necessity: Processing required to provide the Service (account management, billing, AI chatbot functionality).
- Legitimate Interests: Improving the Service, preventing fraud, ensuring security, enforcing our Terms, and analyzing usage patterns. You have the right to object to processing based on legitimate interests (see Section 14).
- Legal Obligations: Compliance with tax laws, billing record retention, and responding to lawful government or public authority requests (see Section 8.2).
- Consent: For certain processing activities such as optional marketing communications. You can withdraw consent at any time.
9. AI Data Processing
LoopHQ uses multiple AI service providers to generate chatbot responses and to power the analytical signals described in Section 5. Here is how your data is processed:
- What is sent to AI providers: Visitor messages and the relevant portions of your knowledge base needed to generate a response, along with the agent configuration and industry context required for the AI to respond appropriately.
- What is NOT sent: Your entire knowledge base is not sent to AI providers. Only the portions relevant to a given query are included. Unrelated account data is not included in AI prompts.
- Embeddings: Your knowledge base content is processed into mathematical representations (embeddings) stored in our database to support semantic search. This happens when content is uploaded and when content changes.
- Multiple providers: LoopHQ uses multiple AI providers for reliability. Your data may be processed by any of them. See our Sub-Processors page for the current list.
- AI-initiated actions: Depending on your configuration, the AI may take actions on your behalf such as scheduling appointments, capturing lead information, sharing resources you have configured, and routing conversations to a human team member. See AI Interaction Notice and Terms of Service § 9.
- Abuse prevention: We apply automated safeguards to detect and block abuse before sending requests to AI providers.
- Multilingual processing: When enabled in your settings, Loop detects the visitor’s language and responds in that language. AI translation may produce errors; see Terms of Service § 8.
- Not used for training: None of our AI providers are authorized to use Loop customer or visitor data to train or fine-tune their models. API-based AI usage typically does not involve training on customer data.
- Processing location: All AI service providers used by Loop are US-based.
10. Data Retention
We retain data for the following periods:
- Conversation History: We retain conversation data until you request deletion or close your account. This powers your dashboard, analytics, and your AI agent’s understanding of past visitor interactions. Account holders can delete individual conversations, entire agents (which removes all associated conversations), or their entire account at any time from the LoopHQ dashboard. Pro and Growth customers can also export conversation data at any time.
- Visitor Deletion Rights: Any visitor whose data was collected through a chatbot may request deletion through the process described in Section 11. We act as a data processor for visitor data on behalf of the operating business.
- Knowledge Base Content: Retained as long as your account is active.
- Account Data: Retained as long as your account exists.
- Notifications: In-app notifications are retained for a limited period and are pruned periodically.
- Integration Credentials: Retained until you disconnect the integration or close your account. Disconnection removes the stored credentials from our systems.
- Billing Records: Retained for 7 years as required by applicable tax and financial laws.
- Billing Audit Log: Retained for 7 years for security and fraud prevention.
- After Account Deletion: When an account holder closes their account, associated personal data and conversation data are removed within 30 days. Anonymized, aggregated analytics data may be retained. Billing records are retained as noted above.
- Inactive Accounts: Accounts inactive for 12 months or more may be archived. Email notifications are sent before archiving.
11. Visitor Data Subject Request Process
Visitors who interacted with a Loop agent on an operating business’s website have the right to request access to, correction of, deletion of, or portability of their personal data. Because the operating business is the data controller and LoopHQ is the data processor for visitor data, requests can be submitted through either party.
Preferred path — through the operating business: Contact the business you interacted with and request the action you want taken. They can act directly through their LoopHQ dashboard or instruct us to act on their behalf.
Direct path — through LoopHQ: Email privacy@loophq.dev with:
- Subject line: “Visitor Data Request”
- The website, Page, or account where the conversation took place
- A date range or other identifying detail to help us locate the relevant conversation
- The specific action requested (access, correction, deletion, export)
Verification: To protect visitors from unauthorized requests, we may ask for identifying information that matches the conversation record (for example, the email address or phone number used during the conversation). We will only verify through information the visitor already provided during the conversation — we will not ask for government ID or other sensitive identifiers.
Response time: We will acknowledge your request within 10 business days and respond substantively within 30 days, consistent with GDPR Article 12(3) and CCPA § 1798.130. We may extend the response time by up to 45 additional days for particularly complex requests, as permitted by law, and will notify you if we do.
Account holder deletion: If you are an account holder (a LoopHQ customer), you may delete conversations, agents, or your entire account directly from the dashboard, or request assistance at privacy@loophq.dev.
13. Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption in transit: All data is transmitted over HTTPS/TLS
- Encryption at rest: Data stored in our database is encrypted at rest
- Data isolation: Row-level security policies at the database layer ensure your data is isolated from other customers even if application-layer authorization fails
- Access controls: Separate keys for different access levels, with administrative access restricted to essential operations
- Webhook signing: Outbound webhooks to customer-configured endpoints are HMAC-signed so you can verify authenticity
- Rate limiting: Automated per-IP and per-visitor limits protect against abuse
- Audit logs: Billing actions and sensitive operations are logged with actor, IP, and state changes
- Regular review: We regularly review our security practices and update them as needed
While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
14. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
For all users:
- Access the personal information we hold about you
- Correct inaccurate personal information
- Delete your personal information
- Export your data in a portable format
- Update your communication preferences from your account settings
Additional rights for California residents (CCPA/CPRA):
- Right to know what personal information is collected and how it is used
- Right to delete personal information
- Right to correct inaccurate personal information
- Right to limit use and disclosure of sensitive personal information
- Right to opt-out of the sale or sharing of personal information (we do not sell or share — see our Do Not Sell or Share notice)
- Right to non-discrimination for exercising your privacy rights
Additional rights for residents of Virginia, Colorado, Connecticut, Utah, and other U.S. states with comprehensive privacy laws:
- Right to access, correct, and delete personal data
- Right to data portability
- Right to opt out of targeted advertising (we do not engage in it), sale of personal data (we do not sell), and profiling in furtherance of solely automated decisions that produce legal or similarly significant effects (see Section 5 — Loop does not make such decisions solely through automation)
- Right to appeal our decision on any rights request
Additional rights for EU/EEA and UK residents (GDPR / UK GDPR):
- Restrict processing of your personal data
- Object to processing based on legitimate interests
- Withdraw consent at any time (where processing is based on consent)
- Not be subject to a decision based solely on automated processing that produces legal or similarly significant effects (see Section 5)
- Lodge a complaint with your local data protection authority
To exercise your rights: Account holders may exercise most rights directly from the LoopHQ dashboard. Visitors to customer sites should use the process described in Section 11. For any other request, contact us at privacy@loophq.dev. We will respond within 30 days.
15. Children’s Privacy
LoopHQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.
Our customers are responsible for ensuring their deployments do not target or collect personal information from children under 13 in violation of the Children’s Online Privacy Protection Act (COPPA) or comparable laws. See our Usage Policy.
If you believe a child has provided us with personal information, please contact us at privacy@loophq.dev.
16. International Transfers
LoopHQ is operated by PROXYGIST LLC, based in the United States. Our service providers are primarily US-based; a subset also have operations in the European Union (noted on our Sub-Processors page).
Your data is stored and processed primarily in the United States. By using the Service from outside the United States, you acknowledge that your information will be transferred to the United States, where data protection laws may differ from those in your jurisdiction.
17. WordPress Plugin
The LoopHQ WordPress plugin allows website owners to easily embed their LoopHQ chatbot on WordPress sites.
What the plugin sends to LoopHQ:
- Project ID: Your unique project identifier, used to load the correct chatbot configuration
- Deployment ping: A one-time notification on plugin activation containing your Project ID and the source “wordpress” to confirm your chatbot is live
What loads on your WordPress site:
- The LoopHQ widget script is loaded asynchronously on every page
- Visitor interactions with the chatbot are processed by LoopHQ’s AI service as described throughout this Privacy Policy
No additional data is collected through the WordPress plugin beyond what is described in Section 3.3 (Visitor Data).
18. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before taking effect. The updated policy will be posted with a new “Last Updated” date and version number.
Your continued use of the Service after the updated policy takes effect constitutes acceptance of the changes.
19. Contact Us
If you have any questions about this Privacy Policy or your data, please contact us:
PROXYGIST LLC, doing business as LOOP
Privacy inquiries: privacy@loophq.dev
General inquiries: support@loophq.dev
Website: loophq.dev