Privacy Policy

Last updated: April 1, 2026

Yes, we actually wrote this ourselves. No, a lawyer didn't cry while reading it. Maybe.

TGLiveChat ("we," "us," "our") is a live chat widget that lets website visitors send messages which get routed straight to your Telegram. We're a software-as-a-service product. We don't sell ads. We don't sell data. We built this thing because existing live chat tools were either bloated, expensive, or both.

This privacy policy explains what information we collect, why we collect it, and what we do with it. We've also included "human translation" sections after each formal block so you can actually understand what we're saying without a law degree.

By using TGLiveChat, either as a site owner installing our widget or as a visitor chatting through it, you agree to the practices described here. If you don't agree, that's completely fine. Just don't use the service. No hard feelings.

1. What Data We Collect

We collect different types of data depending on whether you're a site owner (our customer) or a visitor (someone chatting on our customer's website).

From Site Owners (You, the Customer)

When you sign up, we collect your email address and basic profile info through our authentication system powered by Supabase Auth. If you connect your Telegram bot, we store your bot token (encrypted) and your Telegram chat ID so we know where to send messages. We also store your widget configuration preferences like colors, welcome messages, position, language settings, and any quick-reply buttons you set up.

From Visitors (People Using the Chat Widget)

When a visitor opens the chat widget and starts a conversation, we collect the following information:

  • Messages: The actual text content they type and send through the widget.
  • Name and email address: Only if the site owner has enabled the pre-chat form and the visitor chooses to fill it out.
  • IP address: We grab this from the incoming request headers. It's used to detect the visitor's country. We don't store the raw IP long-term.
  • Page URL: The page the visitor was on when they started chatting.
  • Referrer URL: Where the visitor came from before landing on the page.
  • Browser and OS: Parsed from the user-agent string. We store things like "Chrome 120" and "Windows 11," not the full raw user-agent.
  • Device type: Whether they're on desktop, mobile, or tablet.
  • Country: Derived from the IP address using ip-api.com. We keep the country name, not the IP itself.

// human-translation

OK so here's what this actually means in normal people words. If you're the site owner, we need your email to let you log in and your Telegram bot info so we can actually send you messages. Pretty basic stuff.

If you're a visitor chatting on someone's site, we collect what you type (obviously, it's a chat), some technical stuff about your browser so the site owner can see "oh this person is on Chrome on a Mac," and your approximate location at the country level. We're not tracking your exact GPS coordinates or anything weird like that. We basically know you're from Germany, not that you're at the Starbucks on Friedrichstrasse.

2. How We Use Your Data

We use the data we collect for the following purposes. And only these purposes. We're not secretly building a profile of you to sell sneaker ads.

Message Routing

The core function. When a visitor sends a message through the widget, we forward it to the site owner's Telegram bot. The message includes the visitor's text along with contextual information like their name (if provided), country, page URL, and device info. This is literally why the product exists.

Chat Storage

We store conversations in our Supabase database so site owners can view chat history in their dashboard, search through past conversations, and keep a record of customer interactions. Without this, every time you refreshed your dashboard, all your chats would vanish. Nobody wants that.

Analytics

We aggregate some visitor data to show site owners basic analytics in their dashboard. Things like total conversations, messages per day, which countries visitors are from, and what devices they use. This data is shown in aggregate. We don't build individual visitor profiles or track people across different websites.

Service Improvement

We look at aggregate, anonymized usage patterns to figure out what's broken, what's slow, and what features people actually use. If nobody ever clicks the "change widget color" button, maybe we should make it more obvious. Or maybe nobody cares. Either way, we need data to know.

Transactional Emails

We use Resend to send you emails for things like password resets, billing notifications, and important service updates. We don't send marketing emails unless you explicitly opt in. And even then, we're not going to spam you. We hate spam too.

// human-translation

Basically: we use your data to make the chat work. Messages go from widget to Telegram. We save the conversation so you can see it later. We count some stuff so you get nice graphs in your dashboard. And we send you emails only when something actually matters, like when you forget your password at 2 AM (we've all been there).

We don't sell your data. We don't rent your data. We don't show your data to anyone in a trench coat. Your data is used to make the product work. That's it. Honestly kinda boring when you put it that way.

3. Third-Party Services

We don't build everything from scratch because we're not masochists. Here are the third-party services we rely on and what data they might see:

Supabase (Database, Auth, Storage)

Supabase hosts our database and handles authentication. All your account data, chat messages, widget configurations, and visitor records live in a Supabase PostgreSQL database. Supabase provides Row Level Security (RLS) so each customer can only access their own data. Supabase is SOC 2 Type II compliant and stores data in secure, encrypted infrastructure. Their privacy policy applies to data stored on their platform.

Telegram Bot API

When visitors send messages, we forward them through the Telegram Bot API to the site owner's Telegram account. This means Telegram receives the message content and any visitor info included in the forwarded message (name, country, page URL). Telegram's own privacy policy governs how they handle this data on their end. We can't control what Telegram does with it once it leaves our servers. But since the site owner chose to use Telegram as their communication channel, this is kind of the whole point.

Vercel (Frontend Hosting)

Our dashboard and landing pages are hosted on Vercel. Vercel processes incoming HTTP requests, which means they have access to IP addresses, request headers, and standard web server logs. Vercel's infrastructure is SOC 2 compliant and they have their own privacy practices documented on their website.

Railway (Backend Server)

Our backend API server runs on Railway. It processes chat messages, handles webhook communications with Telegram, and manages real-time connections. Railway sees server logs and network traffic related to our API operations. They're a cloud platform with standard security practices.

Resend (Email)

We use Resend to send transactional emails. They receive your email address and the content of the email we're sending you. Resend doesn't use your data for their own marketing. They just deliver the emails we tell them to deliver.

ip-api.com (Country Detection)

When a visitor starts a chat, we send their IP address to ip-api.com to determine their country. This is a one-time lookup per session. We store the country name in our database but don't retain the raw IP address long-term. ip-api.com has their own data handling practices which you can review on their site.

Google Fonts

Our widget and dashboard may load fonts from Google Fonts. When this happens, Google receives the visitor's IP address and standard request headers. Google's privacy policy applies to this data. We're considering self-hosting fonts in the future to eliminate this data sharing entirely, but we haven't gotten around to it yet. Sorry about that.

// human-translation

So we use a bunch of other companies to make everything work. Think of it like running a restaurant. We don't grow our own wheat or raise our own cattle. We get ingredients from suppliers.

Supabase holds the database. Telegram delivers the messages (duh). Vercel hosts the website. Railway runs the backend. Resend sends emails. ip-api.com figures out what country visitors are from. And Google gives us nice fonts because life's too short for Times New Roman.

None of these companies get your data for fun. They get exactly what they need to do their specific job. It's like giving your address to a pizza delivery person. They need it to bring you pizza, not to show up uninvited on weekends.

4. Cookies & Local Storage

Let's talk about cookies. Not the delicious kind. The boring web kind.

TGLiveChat uses localStorage (not traditional cookies) in the visitor's browser to maintain chat sessions. Here's exactly what we store:

Key, purpose, and lifetime of each item:

  • tglc_session (lifetime: 30 days): Stores the visitor's session ID so we can reconnect them to the same conversation if they close and reopen the widget. Without this, every time you minimized the chat and opened it again, it would be a brand new conversation. Annoying.
  • tglc_lang (lifetime: 1 year): Remembers the visitor's preferred language for the widget interface. If a visitor switches the widget to French, we don't want to show it in English next time.
  • tglc_unread (lifetime: session): Tracks unread message count so we can show a notification badge on the widget button. It's just a number, like "3" meaning you have three unread messages.

That's it. Three items. We don't use tracking cookies. We don't use analytics cookies. We don't use advertising cookies. We don't use any cookies at all in the widget, actually. It's all localStorage.

For the dashboard (the site owner's admin panel), Supabase Auth uses standard session cookies to keep you logged in. These are strictly necessary cookies for authentication. You can't use the dashboard without them, because we need to know who you are.

// human-translation

We store exactly three tiny things in your browser. One remembers who you are so your chat doesn't reset. One remembers your language preference. One counts your unread messages.

That's the whole list. No tracking. No fingerprinting. No shady advertising pixels. We're honestly a little proud of how boring our cookie situation is. Most privacy policies need a whole spreadsheet for this section. Ours fits on a Post-it note.

5. Data Retention

We retain data for as long as it's necessary to provide the service. Here's the breakdown:

Chat messages: Stored for the lifetime of the site owner's account. When a site owner deletes their account, we delete all associated chat data, visitor records, and widget configurations within 30 days.

Visitor data: Retained alongside the chat messages they belong to. When chats are deleted, visitor data goes with them.

Account data: Your email and account settings are stored for as long as you have an active account. After account deletion, we purge this data within 30 days, except where we need to keep it for legal compliance (like billing records, which we may need to retain for tax purposes for up to 7 years depending on jurisdiction).

Server logs: Standard web server logs (which may include IP addresses) are automatically rotated and deleted after 30 days by our hosting providers.

IP addresses: We don't store raw visitor IP addresses in our database. We use the IP for country detection and then discard it. The country name is stored, not the IP.

// human-translation

Short version: we keep your stuff as long as you have an account. Delete your account? We delete everything within 30 days. The only exception is boring financial records that tax authorities make us keep. Blame the government, not us.

And no, we don't hoard old data in some dusty server hoping it'll be valuable someday. Storage costs money. We're not going to pay to keep data we don't need. Economics is on your side here.

6. Your Rights Under GDPR

If you're in the European Economic Area (EEA), the United Kingdom, or anywhere else that recognizes GDPR or similar data protection rights, you have the following rights regarding your personal data:

Right of Access: You can request a copy of all personal data we hold about you. We will provide this in a structured, commonly used, machine-readable format (JSON or CSV, your pick) within 30 days of your request.

Right to Rectification: If any data we hold about you is inaccurate or incomplete, you have the right to ask us to correct it. Just let us know what's wrong and we'll fix it.

Right to Erasure ("Right to be Forgotten"): You can request that we delete all your personal data. For site owners, this means full account deletion including all chats, visitor data, and configurations. For visitors, site owners can delete individual visitor records and conversations from their dashboard. Visitors can also contact us directly to request deletion.

Right to Data Portability: You can request your data in a portable format so you can move it to another service. We'll export it as JSON or CSV.

Right to Object: You can object to certain types of data processing. If you object to something and we don't have a legitimate overriding reason to keep doing it, we'll stop.

Right to Restrict Processing: You can ask us to temporarily stop processing your data while we address a concern or verify accuracy.

To exercise any of these rights, email us at privacy@tglivechat.com. We respond to all requests within 30 days. If your request is particularly complex, we might need an additional 30 days, but we'll let you know. No ghosting, we promise.

If you're unhappy with how we handle your data, you also have the right to lodge a complaint with your local data protection authority. We'd obviously prefer you talk to us first so we can try to sort it out, but it's your right and we respect it.

// human-translation

GDPR gives you a bunch of rights. You can ask us what data we have on you (access). You can tell us to fix wrong stuff (rectification). You can tell us to delete everything (erasure). You can ask for your data in a file you can take somewhere else (portability). And you can tell us to stop doing something specific with your data (objection).

Basically, it's your data. You're the boss. We just hold onto it for you. If you want it back or want it gone, email us and we'll sort it out within 30 days. We're not going to make you fill out twelve forms and wait on hold for two hours. We're a small team, we read our emails, and we actually reply to them. Wild concept, I know.

7. Children's Privacy

TGLiveChat is not directed at children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you believe your child has provided us with personal information through a chat widget, please contact us immediately at privacy@tglivechat.com.

If we discover that we have collected personal information from a child under 16 without parental consent, we will delete that information as quickly as possible. We don't want kids' data. We don't need kids' data. We're a B2B chat tool, not a playground.

Site owners who install TGLiveChat on websites directed at children bear responsibility for compliance with COPPA, GDPR age requirements, and other applicable child protection laws. If your website is for kids, you probably shouldn't be using a live chat tool that collects visitor data. Just something to think about.

// human-translation

Kids under 16 shouldn't be using this. If your kid somehow ended up chatting through our widget and shared personal info, tell us and we'll nuke it immediately. We're very much not in the business of collecting data from minors. That's creepy and illegal and we want no part of it.

8. Security Measures

We take security seriously. Not "we take security seriously" in the way every company says it and then stores passwords in plain text. We actually do things.

TLS/SSL Encryption: All data transmitted between the visitor's browser, our servers, and our database is encrypted using TLS 1.2 or higher. Your messages are encrypted in transit. Always.

Row Level Security (RLS): Our Supabase database uses PostgreSQL Row Level Security policies to ensure that each customer can only access their own data. Even if there's a bug in our application code, RLS acts as a second line of defense at the database level. Customer A literally cannot query Customer B's data, regardless of what API request they craft.

Shadow DOM Isolation: Our chat widget runs inside a Shadow DOM on the host website. This provides XSS (Cross-Site Scripting) protection by isolating the widget's DOM tree from the host page. Malicious scripts on the host website cannot easily access or manipulate the widget's internal structure, form inputs, or session data.

Timing-Safe Authentication: Our webhook authentication uses timing-safe comparison functions to prevent timing attacks. When Telegram sends a webhook to our server, we verify the request authenticity using constant-time string comparison, so attackers can't figure out the secret token by measuring response times.

Encrypted Bot Tokens: Telegram bot tokens stored in our database are encrypted at rest. Even if someone got access to our database (which would be very bad), they couldn't just read your bot tokens in plain text.

Rate Limiting: We implement rate limiting on our API endpoints to prevent abuse, brute force attacks, and denial of service attempts. If someone starts hammering our servers with requests, they get throttled.

// human-translation

We encrypt everything in transit. Our database has built-in rules so customers can't peek at each other's data even if they try really hard. The widget runs in a security bubble (Shadow DOM) so sketchy websites can't mess with it. We use fancy timing-safe comparisons so hackers can't sniff out secrets by counting milliseconds. Bot tokens are encrypted so even in a worst-case database breach, they're gibberish.

Is it perfect? Nothing is perfect. But we're doing significantly more than the minimum. Most live chat widgets just dump an iframe on your page and call it a day. We actually thought about this stuff.

9. Changes to This Policy

We may update this privacy policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. For significant changes that materially affect how we handle your data, we will also notify registered users via email.

We won't suddenly decide your data belongs to us or start selling it to advertisers and bury the change in paragraph 47 of an updated policy. If we ever make a big change, you'll know about it. Clearly. In plain language. Probably with another one of these "human translation" sections.

We encourage you to review this policy periodically. But we're realistic. Nobody actually bookmarks a privacy policy and checks it weekly. That's why we send emails for the important stuff.

// human-translation

If we change something important, we'll email you about it. We won't do that thing where companies quietly change their privacy policy to do something terrible and hope nobody notices. If the date at the top changed and you didn't get an email, it was probably just a typo fix or some lawyer made us rephrase something. The actually important changes get emailed.

10. Contact Us

If you have any questions about this privacy policy, want to exercise your data rights, or just want to tell us we missed a comma somewhere, you can reach us at:

We aim to respond to all privacy-related inquiries within 48 hours. Usually faster. We're a small team and we actually read our email. If you don't hear back within a week, something went wrong. Try again or check your spam folder (we swear we replied).

// human-translation

Got questions? Email us. We're real humans. We reply to things. If you're writing to yell at us about something, maybe also include what you'd like us to do about it, so we can actually help. But honestly, even if you just want to vent, that's fine too. We can take it.

That's it. You made it through an entire privacy policy. Honestly? Respect. Most people just scroll to the bottom and hope for the best. If you read the whole thing, you now know more about our data practices than probably 99% of our users. Feel free to quiz us on it. We'll be impressed.