Effective as of: 4/17/2024
This privacy policy (“Privacy Policy”) explains how information about you is collected, used, and disclosed by Chatsistant.com (“Chatsistant™,” the “Company,” “we,” “our,” or “us”). This Privacy Policy applies to information we collect when you use our websites https://www.chatsistant.com (the “Site”) and other online products and services (collectively, our “Services”).
By downloading, accessing, using, and/or interacting with our Services, you agree and expressly consent to our collection, use, and disclosure of the information that you provide as described in this Privacy Policy. This Privacy Policy is incorporated by reference into the Terms of Service available at https://www.chatsistant.com/terms (our “Terms of Service”) and is subject to the provisions of the Terms of Service. Capitalized terms used but not defined in this Privacy Policy shall have the meaning ascribed to such terms in our Terms of Service. If you have any concerns about providing information to us or the use of that information as described in this Privacy Policy, you should not use our Services.
Modifications
Because we are always looking for new and innovative ways to help you achieve your goals in connection with the use of our Services, this Privacy Policy may change over time, so please review it frequently. The effective date at the top indicates the last time this Privacy Policy was modified. If we modify the terms of this Privacy Policy, we will notify you by push notification and/or by posting a notice on our website thirty (30) days prior to the effective date of the changes. If we are required by applicable data protection laws to give you enhanced notice or seek your consent for any such changes, we will do so. You can see when this policy was last updated by checking the “last updated” date displayed at the top of this policy. Any revised Privacy Policy will supersede all previous privacy policies.
Contact Us
If you have any questions about this Privacy Policy, please contact us by emailing us at
he***@ch*********.com
or by writing to us at:
Chatsistant LLC
4355 Gloria Ct
Rohnert Park, CA 94928
Email: he***@ch*********.com
Table of Contents
Personal Information We Collect
How We Collect Information
How And Why We Use Your Personal Information
Ways You Might Share Your Personal Information Through Our Services
Where Your Personal Information Is Held
How Long Your Personal Information Is Kept
Your Personal Information Rights
How your imported data is used
How To Exercise Your Rights
Your Controls
Permission Authorizations
How We Respond to Do Not Track Signals
Our Policies Regarding Children
Filing a Complaint
Extra Help
1. Personal Information We Collect
We may collect and use the following personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household or natural person:
Categories of Personal Information Specific Types Collected
Identifiers Real name, username, internet protocol address, email address, account password
Internet or other similar network activity Information on a consumer’s interaction with a website, application, or advertisement
Professional or employment-related information Current occupation
Inferences drawn from Personal Information Profiles reflecting a person’s behavior and attitudes
User-Generated Profiles and Content User profiles, avatar, or text information.
Device information Unique device identifiers, and country of access
Software information Operating system and version
User information A user’s browser type, timestamp, time zone setting and location, browser plug-in types and versions, user content data, user activity, user interactions, and pages visited
Cookies The small data files stored on your hard drive or in device memory that help us to improve our Services and your experience, see which areas and features of our Services are popular, and count visits. For more information about cookies, and how to disable them, please see Section 9 (Your Controls) below.
Web Beacons Also known as “tracking pixels,” electronic images that may be used in our Services or emails to help deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon.
Various tracking technologies Such as local shared objects (also referred to as “Flash Cookies”) and HTML5 local storage that operate similarly to cookies in the way they are stored on your device and can be used to store certain information about your activities and preferences across different services and sessions.
Publicly available information User information from sites like LinkedIn, Google Scholar, or ArXiv
2. How We Collect Information
We collect information that you chose to provide to us, for example, when you create an account, manage your user profile, participate in any interactive features of our Services, request customer support, or otherwise communicate with us. In some cases, information may be automatically collected from you when you interact with our website or Services. We only collect personal information that is necessary for providing our products and services in accordance with the principles of legitimacy, legality, necessity, and good faith.
In particular, and in the past twelve (12) months, we collected the following categories of personal information by:
Categories of Personal Information How We Collect It
Identifiers Directly from you
When a user signs in using Google
Automatically from you when you request support
Internet or other similar network activity Automatically from you when you use our Services
Professional or employment-related information Directly from you
Inferences drawn from Personal Information Automatically from you when you use our Services
User-Generated Profiles and Content Directly from you
Device information Automatically from you when you use our Services or request support
From our Third Party Sources
Software information Automatically from you when you use our Services
From our Third Party Sources
User information Automatically from you when you use our Services
From our Third Party Sources
Cookies Automatically from you when you use our Services. For more information about cookies, and how to disable them, please see Section 9 (Your Controls) below
Web Beacons Automatically from you when you use our Services
Various tracking technologies Automatically from you when you use our Services. Information about disabling or deleting information contained in Flash Cookies can be found here
Publicly available information Directly from you
From publicly accessible sources
3. How And Why We Use Your Personal Information
We will only use your personal information for achieving the purposes listed in this Privacy Policy. Before using your personal information beyond the purposes outlined in this Privacy Policy, we will inform you in a timely and reasonable manner and:
Obtain your consent
Explain why we would like to use your personal information
We only use your personal information when we have a proper reason for doing so, such as:
When you have given us your consent
For the performance of our contract with you or to take steps at your request before entering into a contract, including:
To provide our Services to you
To update and enhance our customer records
For our legitimate interests or those of a third party, including:
To prevent and detect fraud
To prevent unauthorized access and modification to systems
To update and enhance our records
To ensure our business policies are adhered to (such as those covering security and internet use)
To ensure safe working practices, staff administration, and assessments
For our operational reasons, such as improving efficiency, training, and quality control
For statistical analysis to help us manage our business, such as in relation to customer base, product range, or other efficiency measures
To conduct external audits and quality checks
To comply with our legal and regulatory obligations, including:
To update and enhance our records
To file statutory returns
To conduct external audits and quality checks
Because we are continuously improving our products and Services, we may launch optimization functions from time to time which may increase or change the scope, purpose, and/or method of collecting and using your personal information. In the event any optimization functions increase or change the scope, purpose, and/or method of collecting and using your personal information, we will clearly explain it to you by updating this Privacy Policy, provide for a pop-up window or on-site letter, and give you the option to agree. You have the right to refuse to agree, but if we are restricted from using the personal information necessary to realize the updated services or functions, we may not be able to provide you with the updated services and/or functions or may not be able to achieve the effect of the updated services. The basic functions of our Services will not be affected by our launch of optimization functions.
In particular, and over the past twelve (12) months, we collected and used the below types of personal information in the following contexts for the following reasons:
Context of Use Personal Information Collected Used…
Account registration Full name (optional), email, password, and professional or employment information With your consent
Account management Full name (optional), email, password, and professional or employment information With your consent
Customer service and dispute resolution We may need you to provide name, email and other contact information, city / region information help you solve problems
We may collect your communication information with us (including text / picture / audio and video / call record form) and other necessary information related to your request With your consent
For the performance of our contract
To comply with our legal and regulatory obligations
For our legitimate interest of documenting recurring issues so we can better optimize your experience
4. Ways You Might Share Your Personal Information Through Our Services
Social Sharing Features. Our Services may offer social sharing features and other integrated tools which let you share actions you take on our Services with other media, and vice versa. The use of such features enables the sharing of information with your friends or the public, depending on the settings you establish with the entity that provides the social sharing feature. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of the entities that provide such features.
5. Where Your Personal Information Is Held
We store information about users on servers primarily located in Oregon, United States of America. If you are accessing our Services from outside of the United States of America, please know personal information you submit may be transferred to and stored on servers in the United States of America. The data protection and other laws of the United States of America and/or other countries might not be as comprehensive as those in your country. By submitting your data and/or using our Services, you acknowledge that your data might be transferred, stored and processed in and to the United States of America.
6. How Long Your Personal Information Is Kept
Typically, we will keep your personal information while you have an account with us or while we are providing Services to you. Thereafter, we will keep your personal information for as long as is necessary to respond to your questions, complaints, claims or as required by law. We will not retain your personal information for longer than necessary for the purposes set out in this policy.
How Your Personal Information Is Kept Secure:
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and subject to a duty of confidentiality. We continually test our systems and in the process of securing SOC II and ISO 27001 certifications, which means we follow top industry standards for information security. We use reasonable security measures to protect your personal information aligned with the Center for Internet Security’s Critical Security Controls (The 18 CIS Critical Security Controls). We adopt encryption technology to protect your personal information. We have established special management regulations, procedures, and organizations to safeguard the security of the personal information we collect. We hold security and privacy protection training courses to enhance employees’ awareness of the importance of protecting personal information. In the event of a personal information security incident, we will initiate the emergency plan for security incidents, report to the relevant government authorities at the earliest convenience, inform you of the basic situation of the security incident, the treatment measures and remedies we will take or have taken as well as our advice for you, via announcements, push notifications, or emails. If it is difficult to inform every user, we will issue the warning through public announcements. Notwithstanding the security measures that have been taken and the legal requirements that have been implemented, we still cannot guarantee the security of your personal information when communicating through unsafe channels. Therefore, you should also take measures to ensure the security
of your personal information, such as changing your account password regularly. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
7. Your Personal Information Rights
You have specific rights regarding your personal information, which are described in this section. You or an authorized agent acting on your behalf may exercise your personal information rights by submitting a verifiable request (see Section 8 (How To Exercise Your Rights) below). If an authorized agent submits a request to know or delete your personal information, we require you to:
Provide your authorized agent with signed permission to exercise your rights and choices
Verify your identity directly with us
Directly confirm with us your authorized agent has permission to submit the request
Your Right To… Details of Your Right
Know About Our Practices With Respect To Your Personal Information We will inform you of:
The categories of personal information we collected about you
The categories of sources for the personal information we collected about you
Our basis or purpose for collecting and sharing such information
The categories of third parties with whom we share your personal information
We will never disclose in response to a request to know your account password.
Access Your Personal Information in a Portable Format You can access the personal information submitted to us at any time. Upon a verifiable request, we will deliver a copy of your personal information to you or another entity free of charge and in a readily useable format.
Correct Your Personal Information In the event you discover the personal information we have about you is incorrect, on receipt of a verifiable request we will correct such information.
Delete Your Personal Information Subject to certain exceptions permitted by applicable law, on receipt of a verifiable request we will delete your personal information from our records. We encourage you to inform us and submit a verifiable request to delete your personal information if:
Our handling of personal information violates any law or regulations
We accidentally collected and used your personal information without your consent
You believe our handling of your personal information violates our agreement with you
You wish to cancel your account with us
We terminate our Services or operations
Restrict Us From Processing Your Personal Information You have the right to require us to restrict processing of your personal information in certain circumstances, such as when you submit to us a verifiable request to correct your personal information. You can also exercise control over certain types of use of your personal information, such as ancillary personal information, in Section 9 (Your Controls) below.
Withdraw Your Permission Authorizations Some functions of the Services we provide require us to obtain relevant permissions on your device (including but not limited to microphone and camera). You can withdraw the continued authorization of such permissions at any time. Please see Section 10 (Permission Authorizations) below.
You should understand that after you withdraw your authorization, we cannot continue to provide you with specific functions or services corresponding to the withdrawal of your authorization. However, your decision to withdraw your permission authorizations will not affect the previous personal information processing activities based on your authorization.
Cancel Your Account You may cancel your account with us anytime through a verifiable request or by writing us at the email or physical address listed at the top of this Privacy Policy. After you cancel your account, (i) you will no longer be able to log in and use our products and services with this account; (ii) all rights and interests such as the rights and interests that have been generated but not consumed during the use of our products and services and future overdue interests will be cleared; (iii) the contents, information, data, records under the account will be deleted or anonymized (unless otherwise stipulated by laws and regulations or required by the regulatory authorities); (iv) after the cancellation of account is completed, it cannot be recovered.
8. How your imported data is used
In order to enable generative AI capabilities within Our Services, we may share information you provide to us through direct upload, manual input, or third-party integrations (e.g., Google Drive, Slack) with large language model (LLM) partners. Data you share with us may, in unmarked chunks, be submitted to our LLM partners for context when generating a response. We will never send your documents in their complete original form to any other organization, including our LLM partners.
We currently partner with the following companies as LLM providers:
Chatsistant™ (https://www.chatsistant.com/privacy-policy)
As we neither fine-tune nor operate large language models (LLMs) of our own, we do NOT use any data we collect from you for training LLMs. Our Services use retrieval-augmented generation (RAG) technology, which does not re-train or modify the LLMs themselves in any way. We make use of LLMs from Chatsistant™ via their public-facing API. Chatsistant™ has explicitly stated that it does not use data sent to it via API for training LLMs. Details can be found in Chatsistant’s privacy policy here: https://www.chatsistant.com/privacy-policy.
Google API Limited Use Disclosure
Effective as of: 4/18/2024
Chatsistant respects and values your data. In compliance with Google API Services User Data Policy, especially the Limited Use requirements, Chatsistant exclusively uses your selected files as chatbot context and does not transfer or use them elsewhere. Learn more about these standards at the Google API Services User Data Policy. We appreciate your trust in Chatsistant.