Privacy Policy

1. Introduction

This Privacy Policy describes how Chat Assistant ("we", "us", or "our") collects, uses, and protects your personal data when you use our services. We are committed to ensuring your privacy is protected in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Chat Assistant operates as the data controller for the personal data processed through our platform. For any privacy-related inquiries, please contact us at the email address provided below.

3. Data We Collect

We collect and process the following categories of personal data:

Data Category	Examples	Purpose
Account Data	Email address, username, display name	Account creation and authentication
Meeting Data	Meeting names, participant emails	Service functionality
Chat Content	Messages sent to the AI assistant	AI response generation
Usage Data	Login times, IP addresses	Security and audit logging

4. How We Use Your Data

We process your personal data for the following purposes:

• Service Provision: To provide AI-powered chat assistance during meetings
• Authentication: To verify your identity and manage access
• Security: To protect against unauthorized access and fraud
• Compliance: To meet legal obligations and maintain audit trails
• Improvement: To enhance our services (using anonymized/aggregated data only)

5. Third-Party Services

6. Data Retention

We retain your personal data only for as long as necessary:

• Chat transcripts: Automatically deleted after 180 days (configurable)
• Meeting messages: Automatically deleted after 180 days (configurable)
• Account data: Retained until you delete your account
• Audit logs: Retained for security and compliance purposes (typically 1 year)

7. Your Rights (GDPR)

Under the GDPR, you have the following rights:

1. Right to Access (Art. 15): Request a copy of your personal data
2. Right to Rectification (Art. 16): Request correction of inaccurate data
3. Right to Erasure (Art. 17): Request deletion of your personal data
4. Right to Portability (Art. 20): Receive your data in a portable format
5. Right to Object (Art. 21): Object to certain processing activities
6. Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, use the built-in data management features in your account settings, or contact us directly.

8. Data Export

You can export your personal data at any time through your account settings. The export includes:

• Your profile information
• Meeting history (for organizers)
• Chat messages and AI responses
• Consent records

Data is provided in JSON format for portability.

9. Account Deletion

You can delete your account at any time. Upon deletion:

• Your profile data will be permanently removed
• Associated meetings and chat history will be deleted
• Participant data will be anonymized (email and name replaced)
• A deletion record will be maintained in the audit log for security purposes

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit (TLS/HTTPS)
• Secure password hashing (BCrypt)
• Access controls and authentication
• Regular security assessments
• Audit logging of sensitive operations

11. Cookies and Tracking

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics that track individual users.

12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

14. Contact Us

For privacy-related inquiries or to exercise your data protection rights, please contact:

Email: privacy@example.com

Address: [Your Company Address]