Privacy Policy
Effective Date: 16.01.2024
Introduction
Welcome to “AI Supolka” (”we”, “us”, the legal name ‘Heorhi Kaurei, JDG’). We specialize in the development and provision of advanced artificial intelligence chatbot solutions that can be accessed via various messenger platforms. The primary objective of our organization is to harness the capabilities of artificial intelligence in order to deliver superior, immediate support to users across a range of sectors. This privacy policy delineates the manner in which we collect, manage, and utilize your personal data. Prior to availing our services and interfacing with our AI chatbots, it is imperative that users acquaint themselves with our data practices. Engaging with our services indicates your consent to the stipulated practices within this document.
Definitions
For the purposes of clarity and to ensure that the stipulations of this privacy policy are unequivocally understood, the following terms have been defined:
Personal Data: Information that pertains to an identifiable individual, either directly or in conjunction with other data. This encompasses, but is not limited to, attributes such as names, electronic mail addresses, messenger platform identifiers, Internet Protocol addresses, the substance and accompanying data of messages you dispatch to our system, along with the correspondence we share with you, such as when you participate in our surveys or reach out with inquiries, provide feedback, or for any other interaction..
Processing: The comprehensive range of operations conducted on personal data, encompassing activities from its initial collection to its eventual deletion. This includes, among other operations, recording, organization, utilization, and dissemination.
User: Any individual who interacts with our artificial intelligence chatbot solutions via various messenger interfaces, web applications, and mobile applications.
Consent: An explicit assent provided by the user, granting authorization for the processing of their personal data in accordance with predefined purposes.
Cookies: Digital data entities stored upon a user's device during their interaction with our services. Their primary function is to augment user experience and collate information pertaining to service usage.
Energy: The proprietary currency within our platform's ecosystem. It is leveraged by users to access functionalities or to engage in prolonged interactions with our AI chatbots.
AI (Artificial Intelligence): A sophisticated technological paradigm that equips our chatbots with the capacity to emulate human cognitive functions such as learning, comprehension, problem-solving, perception, and linguistic interpretation.
Utilization of Collected Information
The data we procure, both personal and non-personal, is of paramount importance in facilitating our operational efficacy. Specifically, the information is utilized in the following manner:
Service Provision and Enhancement: The data enables us to deliver our chatbot services adeptly and continuously refine them to cater to evolving user requirements.
Communication Initiatives: Personal data, such as electronic mail addresses and messenger platform identifiers, permits us to establish communication channels with users, keeping them apprised of updates, changes, and other pertinent information related to our services.
Behavioral Analysis: By analyzing user engagement patterns and preferences, we aspire to gain insights that drive further refinement and customization of our offerings.
Legal Adherence: In scenarios where regulatory or legal frameworks necessitate disclosure or other specific actions related to user data, we comply rigorously.
Fraud Prevention: To safeguard the integrity of our platform and protect our users, we employ the data to detect, prevent, and address fraudulent activities and potential threats.
Automated Information Gathering
Both we and our service providers engage in the systematic recording and assimilation of details pertaining to you, your computing or mobile device, as well as your interactions over time with our Services, web-based materials, and communications, including:
Device Information: This includes data like the type and version of your device's operating system, its manufacturer and model, the type of browser, the screen's resolution, whether it's a phone or tablet, the IP address, distinct identifiers, language preferences, and a rough location such as city or region.
Digital Footprint Tracking: This captures which pages or interfaces you visit, time spent on a given page or interface, the previous website you visited before ours, the route you take through our site, how you interact with a page or interface, when you accessed it, how long you stayed, and your engagement with our emails or other communications.
For this automated data gathering, we utilize tools like:
Cookies: These are small text files placed on your device by websites to identify your browser uniquely or to store data or settings in your browser to aid in efficient navigation between pages, remember your preferences, enable website features, and to track user behavior and patterns.
Local Storage Options: Technologies such as HTML5 that offer functionality similar to cookies but can hold more data, including information stored on your device outside of your browser in connection with specific apps.
Web Beacons: Also known as pixel tags or clear GIFs, these are employed to confirm that a web page or email has been viewed or opened, or that specific content was seen or interacted with.
Dissemination of User Information
Occasionally, there is a requirement to share user data with third-party entities. Such sharing is circumscribed by strict protocols and occurs under the following circumstances:
Service Provision and Enhancement: Collaborating with third-party entities might be necessary to either provide our chatbot services or enhance their features, functionalities, or efficiency.
Legal Mandates: In instances where we are legally obligated or there is a regulatory directive, user data might be disclosed to relevant authorities or entities.
Business Collaborations: Strategic collaborations with business partners may necessitate the sharing of certain data to achieve mutual objectives or implement integrated solutions.
Prohibition of Sale: It is of utmost importance to note that, under no circumstance, will personal user data be commoditized or sold by our organization.
Data Storage and Retention
The manner in which we store and retain data is guided by stringent protocols, ensuring both data integrity and regulatory compliance:
Storage Protocols: Personal data acquired by our platform is stored on secure servers equipped with advanced encryption mechanisms. These servers may be located either within our primary jurisdiction or in other regions, depending on operational requirements.
Retention Period: We retain user data for a duration that is requisite for the fulfillment of the purposes delineated in this privacy policy. Post this period, data is either permanently deleted or anonymized for further analytical use, unless its retention is mandated by applicable legal provisions.
Periodic Review: We undertake regular reviews of stored data to ascertain its relevance and accuracy. Data found to be obsolete or no longer necessary for our operational requirements is purged in accordance with established procedures.
Data Sharing and Disclosure
Our commitment to user privacy is evident in our judicious approach to data sharing and disclosure:
Operational Necessities: We may share user data with internal departments or units to fulfill our service commitments or for operational efficiency.
Consent-Based Sharing: Any disclosure of user data outside the confines of our operational needs will only be executed with the explicit consent of the user in question.
Regulatory and Legal Compliance: Circumstances may arise where we are obligated by law or regulatory directives to disclose user data. In such cases, data will be shared strictly in adherence to the provisions of the governing statute.
Preclusion of Unauthorized Sharing: It is categorically reiterated that we do not, under any circumstance, indulge in the sale or unauthorized dissemination of user personal data.
Third-Party Processors and Partners
Our operational model occasionally necessitates collaboration with third-party entities. These collaborations are governed by meticulous safeguards:
Engagement Criteria: We engage with third-party processors and partners based on rigorous evaluations of their data protection policies and practices, ensuring alignment with our standards.
Data Processing Agreements: All third-party entities that have access to or process user data on our behalf are bound by formal data processing agreements, compelling them to maintain the confidentiality and security of the data.
Purpose Limitation: Any data shared with third-party processors is strictly for specified purposes, and any deviation from the stipulated purpose is deemed a breach of the agreement.
Audits and Oversight: We reserve the right to audit and oversee the data protection measures of our third-party partners, ensuring compliance and rectifying potential vulnerabilities.
International Data Transfers
In our pursuit of offering a globally integrated service, data transfers across international borders may be necessitated:
Regulatory Adherence: When transmitting data internationally, we strictly abide by the data protection laws and regulations applicable to both the exporting and importing jurisdictions.
Adequate Safeguards: To ensure the integrity and confidentiality of data during international transfers, we employ robust encryption methods and secure transmission protocols.
Data Hosting: While our servers might be located in various geographic locales, we ensure that they adhere to our high standards of data protection, irrespective of their physical location.
User Rights
Our commitment to user privacy manifests in the recognition and upholding of their rights concerning their personal data:
Right to Access: Users can demand a comprehensive account of their personal data held within our repositories, along with its usage specifics.
Right to Rectification: Users can rectify or update their personal data if they identify inaccuracies or discrepancies.
Right to Erasure: Users can request the deletion of their personal data, subject to regulatory and operational constraints.
Right to Data Portability: Users can request their data in a structured, commonly-used, and machine-readable format or demand its direct transfer to another data controller, where feasible.
Right to Object: Users can object to the processing of their personal data for specific purposes, including direct marketing.
Users wishing to enact any of the aforementioned rights are encouraged to contact our designated communication channel.
Data Protection and Security
The security of user data is paramount in our operational ethos:
Advanced Security Mechanisms: Our technological infrastructure is fortified with cutting-edge security tools, including firewalls, encryption techniques, and intrusion detection systems.
Organizational Measures: Beyond technological mechanisms, we instate rigorous organizational measures like access controls.
Incident Response: In the rare eventuality of a security breach, we have an established protocol for swift mitigation and user notification, in accordance with relevant regulatory guidelines.
Continuous Improvement: The dynamic nature of digital threats demands perpetual vigilance. We continually assess and update our security measures to counter emergent vulnerabilities.
Children's Privacy
Our services are formulated with adults as the primary user group. The privacy of minors is a sensitive matter and warrants specific attention:
Age Restrictions: Our platform is not tailored for, nor does it intentionally target, individuals under the age of 18.
Inadvertent Data Collection: Should we become aware that personal data from a child below 13 has been inadvertently collected without verifiable parental consent, we shall take swift measures to erase such data from our records.
Parental Oversight: Parents or guardians who ascertain that their child has provided personal data to us without their consent are implored to notify us. Immediate actions will be taken to address the situation.
Updates and Changes to the Policy
In our endeavor to remain compliant with evolving regulatory landscapes and to enhance our data protection mechanisms, this privacy policy is subject to periodic revisions:
Notification of Amendments: Should any significant modifications be made to this policy, we will duly notify our users through the most appropriate channels, ensuring they remain informed.
Review Encouraged: We advocate that users periodically review this policy to stay updated on how their data is protected. The date of the latest revision will always be clearly indicated at the beginning or end of this document.
Continued Use: Using our platform post any policy amendments indicates the user's acquiescence to the revised terms.
Cookies and Tracking
To optimize user experience and analyze platform performance, we deploy cookies and other tracking mechanisms:
Definition and Use: Cookies are minute files placed on a user's device, facilitating features like user authentication, preference retention, and analytic insights into user behavior.
Types of Cookies: Our platform may employ session cookies (temporary and erased upon browser closure) and persistent cookies (retained until manually deleted or they expire).
Third-Party Cookies: Some cookies might be set by third-party services we employ for functionalities like analytics or advertising. Their use will be in line with their respective privacy policies.
Disabling Cookies: Users retain the prerogative to disable cookies through their browser settings, although this might affect certain functionalities of our platform.
Consent Through Use
By utilizing our platform and its services, users inherently provide their consent to the terms stipulated in this privacy policy:
Implicit Agreement: Accessing, browsing, or otherwise using our services signifies the user's tacit agreement to the collection, storage, and processing of their personal data as delineated in this policy.
Informative Stance: We endeavor to elucidate our data practices comprehensively so that users are fully informed about how their data is used while they engage with our services.
Opt-Out Options: Even though consent is inferred through use, users retain the ability to opt out of data processing activities by termination of service usage
Revisiting Terms: We advise users to periodically review this privacy policy to remain informed about any changes or updates. Continued usage of our services post any amendments affirms the user's acceptance of the revised terms.
Third-Party Links, Feedback Forms, and Integrations
In our mission to enhance user experience and solicit feedback, our platform may incorporate third-party links, including those that lead to feedback forms, and other integrations:
External Sites and Feedback Forms: Our platform may feature links to external websites, services, or feedback forms. While we consider user feedback invaluable, it's important to note that we hold no jurisdiction over the content or data practices of these third-party entities, and their inclusion does not signify our endorsement.
Privacy Practices of External Entities: The privacy policies and practices of these third-party sites, including feedback forms, might diverge from ours. We implore users to read their privacy statements diligently before disclosing any personal data.
Integrations: We might assimilate third-party applications or services into our platform for augmented functionalities. While we are selective and favor reputable partners, users are advised to assess their respective data handling practices.
By specifying that external links might lead to feedback forms, users are made aware that their interactions with these forms are also subject to the privacy practices of third parties.
Contact Information
For any inquiries, feedback, or concerns related to this privacy policy or our data practices in general, users are welcome to reach out:
Entity Name: AI Supolka (legal name as Heorhi Kaurei, JDG)
Contact Method: Through our designated communication channel, which can be accessed at [support@sophiachat.ai].
We are committed to addressing user queries promptly and comprehensively. Your trust is paramount to us, and we are always eager to bolster it through open communication.
Governing Law
This privacy policy and any disputes arising out of or related to it shall be governed by and construed in accordance with the laws of a Poland jurisdiction, without regard to its conflict of laws principles.
Jurisdictional Adherence: All matters related to our platform, services, and this privacy policy are designed to comply with the laws of the aforementioned jurisdiction.
Global Considerations: While our services might be accessed globally, we make no claims that they are appropriate or may be available for use in locations outside the governing jurisdiction.
Dispute Resolution
In the event of any disputes or grievances related to this privacy policy or our data practices:
Initial Redressal: Users are first encouraged to contact us directly. We are keen on resolving issues amicably and promptly.
Binding Arbitration: If the matter remains unresolved through direct communication, it shall be settled by binding arbitration, conducted in the aforementioned jurisdiction.
Waiver of Class Action: By using our services, users agree to waive any right to participate in class actions against us and agree to resolve disputes on an individual basis.
Compliance and Regulations
Our data handling and processing activities are meticulously crafted to adhere to pertinent global and local regulations, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We remain committed to upholding the highest standards of data protection and continuously monitor regulatory landscapes to ensure our practices are always aligned with these mandates.
Feedback and User Input
We value the perspectives of our users and recognize the importance of continuous improvement. As such, we have established channels through which users can share their feedback, concerns, or suggestions related to our privacy policy or any associated data practices:
Feedback Channels: Users are encouraged to share their input through designated feedback forms, email, or other communication tools provided on our platform.
Active Engagement: We actively review user feedback to inform potential revisions or enhancements to our privacy policy and related practices. Such a collaborative approach ensures that our policy remains attuned to user expectations and concerns.
Acknowledgment and Action: While we may not individually respond to every piece of feedback, be assured that each submission is evaluated seriously. We prioritize implementing suggestions that bolster our commitment to data protection and user trust.
Policy Revisions: Any significant changes or updates resulting from user feedback will be communicated clearly, ensuring that our user base remains informed and engaged in the evolution of our privacy practices.
© Sophia AI Chat 2023