PrivyChat

Privacy Policy

Last updated: August 11, 2025

Our Commitment to Your Privacy

At PrivyChat, privacy isn't just a feature—it's fundamental to everything we do. This Privacy Policy explains how we collect, use, protect, and handle your information when you use our services.

Information We Collect

Account Information

When you create an account, we collect your email address, name, and organization details. This information is necessary to provide our services and manage your account.

Documents and Content

You upload documents and content to create your organization's knowledge base. This content remains completely private to your organization and is never used to train our models or shared with other customers.

Usage Information

We collect information about how you use our services, including queries made, features accessed, and technical data necessary for service operation and improvement.

How We Use Your Information

  • Provide and maintain our AI chat services
  • Process your documents to create searchable knowledge bases
  • Provide customer support and respond to your inquiries
  • Improve our services and develop new features
  • Ensure security and prevent fraud

Data Protection & Security

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your documents and conversations are protected with military-grade security.

Data Isolation

Your organization's data is completely isolated from other customers. We maintain strict logical and physical separation to ensure zero cross-tenant access.

Access Controls

We implement strict access controls and audit all access to your data. Only authorized personnel can access systems containing your information, and all access is logged.

Data Sharing & Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

  • Service Providers: With trusted third-party service providers who assist in operating our services, subject to strict confidentiality agreements
  • Legal Requirements: When required by law, regulation, or valid legal process
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice provided

Your Rights & Choices

You have the following rights regarding your personal information:

  • Access: Request copies of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your personal information

Data Retention

We retain your information only as long as necessary to provide our services and fulfill the purposes outlined in this policy. When you cancel your account, you have 30 days to export your data, after which all information is permanently deleted from our systems.

International Data Transfers

All data is stored and processed exclusively within the United States in secure data centers. We do not transfer your data outside the US, ensuring compliance with US data protection regulations.

Compliance

We are committed to compliance with applicable privacy laws and regulations, including:

  • California Consumer Privacy Act (CCPA)
  • General Data Protection Regulation (GDPR)
  • SOC 2 compliance (planned)

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date above. For significant changes, we may also send you a direct notification.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Contact Us

We'll respond to all privacy-related inquiries within 24 hours.