back to features

Policies

Define rules that govern your bots automatically - control how long data is retained and cap how much each bot can consume, with alerts and enforcement.

Policies let you set rules that govern your bots automatically, so data handling and spend stay within the bounds you define without manual oversight. ChatBotKit evaluates policies continuously and acts the moment a rule is crossed, giving you guardrails that work whether you are watching or not.

Policies come in two types that you can combine: data retention and usage. Both apply at two scopes - attach a policy to a specific bot, or leave it global to cover every bot in the account - and both are managed through the dashboard or the Policy API.

What You Can Do

  • Control data retention: Automatically prune conversations and data by age, so information does not linger longer than your rules allow. See Retention Policies.
  • Cap usage and cost: Watch tokens, messages, or conversations against a threshold over a rolling window, and alert or block when it is crossed. See Usage Policies.
  • Scope precisely: Govern a single bot or the whole account from one rule.
  • Alert and enforce: Send deduplicated email alerts, pause a bot automatically, or both.
  • Automate setup: Manage every policy through the Policy API as well as the dashboard.

How It Works

Retention policies prune data by age on a throttled, ongoing basis so old conversations and records are cleaned up according to your rules and plan. Usage policies count consumption at the usage-recording layer, so every token, message, and conversation is accounted for in real time; when a threshold is crossed within its window, the policy's actions fire. A bot's own policies and the account-wide policies are evaluated together on each relevant event.

Getting Started

Open the Policies section of the dashboard and create a policy. Choose retention or usage, set the rule - an age for retention, or a metric, threshold, and window for usage - add any alert or block actions, and attach it to a bot or leave it global. The Policy API is available for programmatic management.

Practical Uses

Policies are essential for governance and compliance: enforce data-retention limits for privacy and regulatory needs, cap spend to prevent runaway costs, and catch misbehaving bots before they reach an invoice. Together they give you a single, automatic control surface over how your AI handles data and consumes resources.

policiesgovernancecompliancesecurityenterprisecostretention