Privacy Policy
*Last Updated: 15, May, 2024*
Privacy Policy
*Note: Please be aware that only our Terms of Service and Privacy Policy in English are legally binding. While translations of these documents may be provided for your convenience, they are not legal documents.*
Introduction
We get that legal documents can be overwhelming and boring, so we’ve tried our best to keep it as simple as possible while providing the information needed. It is important however to remember that these terms are legally binding between yourself and us if you choose to use Chitchat.gg, so please read them carefully before proceeding - We will continue to improve and tackle some sections.
Your Privacy
Your privacy is very important to us, and we will ensure protecting your privacy when using our services. We only collect limited data from our users that is absolutely necessary.
- Account Information: We collect data from our users when they register for an account on Chitchat.gg, such as: the registered e-mail address, hashed password, and chosen username.
- Analytics: We collect anonymized analytics data through a first-party self-hosted Matomo instance, this data isn’t shared with any third-party and is used for analytics purposes only.
- Payment Information: We collect transactional information when you make a purchase or payment on Chitchat.gg, but we do not keep any personally identifiable financial information, like credit card numbers. Instead, we use third-party payment services such as Lemonsqueezy and PayPal. The privacy notice of these payment processors governs their use of your personal information. You can view their privacy notices here: https://www.lemonsqueezy.com/privacy or https://www.paypal.com/privacy.
- Note for International Visitors: Your personal information may be sent to, saved, and dealt with in a different country than where it was gathered. For instance, the Sites are mainly run and given from the United States. The country where your personal data is sent to may not give the same protection for your personal information as the country where it was originally gathered.
Who is this information shared with?
We will don’t sell your data to any third-parties, although we use certain service providers to process your data, such as:
- Digital Ocean, provides us with cloud services to process and store data.
- Hetzner, provides us with cloud services to run several backends.
- hCaptcha, provides us with the tools necessary to stop abuse of our platform.
- Cloudflare, provides us with DDoS mitigation and content delivery acceleration as well as hosting our web client.
- Lemonsqueezy, provides us with payment processing gateway services.
- Mailgun EU, is our email delivery service for sending, receiving, and tracking emails.
- Sender, is our email delivery service for sending, receiving, and tracking emails.
- Hive Moderation, provides us with text and video moderation services to keep our text and video chats safe. your data is anonymized before being sent to Hive Moderation.
- Posthog, provides us with analytics services to help us understand how our users interact with our platform.
- OpenAI, provides us with AI services to help us improve several aspects of our platform such as matchmaking and moderation. we do not share any personal information with OpenAI.
- Anthropic, provides us with AI services to help us improve several aspects of our platform such as matchmaking and moderation. we do not share any personal information with Anthropic.
- Mistral, provides us with AI services to help us improve several aspects of our platform such as matchmaking and moderation. we do not share any personal information with Mistral.
We may disclose your information to third parties only if such disclosure is absolutely necessary to comply with a valid legal process, protect any person from death or serious injury, prevent fraud or abuse, or protect our rights, property, safety and interest.
Where is my information stored?
Your information is currently stored on first-party servers in the EU and United States.
If you wish to request the deletion of any information stored on our servers, please contact us at [email protected].
Exceptions to third-parties service providers which is used to process your data as mentioned above.
Our commitment to children’s privacy
We follow The Children’s Online Privacy Protection Act (“COPPA”), which requires online service providers to obtain parental consent before they knowingly collect personally identifiable information online from children who are under 13 years of age. This applies to every user of our platform, regardless of different consent laws in different countries. We do not knowingly collect or solicit personally identifiable information from children under 13 years of age. our p If we learn we have collected personal information from a child under 13 years of age, we will immediately delete that information from our servers. If you are a parent or guardian of a child under the age of 13 and believe that they have disclosed personal information to us, please contact us at [email protected].
Changes to our Privacy Policy
As we keep improving our services, we may update our Privacy Policy in the future if needed.
You are advised to review our Privacy Policy periodically for any changes. Such changes to our Privacy Policy are effective when they are posted on this page**.**
Cookies
We only use necessary cookies to run and manage our services such as authentication, We don’t use cookies for analytics.
hCaptcha
We use the hCaptcha anti-bot service (hereinafter “hCaptcha”) on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation (“IMI”). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled.
When using the Chitchat.gg, hCaptcha will only begin analysis when you:
- Submit a login request.
- Submit a registration request.
- Submit a password request / email resend request.
For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI.
Data processing is based on Art. 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a “data processor” acting on behalf of its customers as defined under the GDPR, and a “service provider” for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha and IMI’s privacy policy and terms of use, please visit the following links: https://hcaptcha.com/privacy/ and https://hcaptcha.com/terms.
General Privacy Policy
1. Introduction and Consent
This privacy policy explains how we handle the personal data of users of our service. By using our service, you consent to the collection, use, and sharing of your personal data as described in this policy. We are the data controller, meaning we determine the purposes and means of processing your personal data.
2. Data We Collect and How We Use It
2.1 Profile Data
When you create an account, we collect profile data you provide, which may include your name, age, email address, profile picture, and information from social profiles you authorize us to access. We may use Facebook or Google Login, in which case we will request your first name, last name, gender, age, email, location, locale, timezone to facilitate registration. We only access the Facebook or Google data you authorize, not any additional personal data. Profile data is used to enable and monitor your use of our service. You can read more about Facebook’s data policy here and Google’s data policy here.
2.2 Usage Data
We collect data about how you use our service, which may include your IP address, location (country and state level), browser and OS details, referral source, pages viewed, navigation paths, and patterns of service usage. This usage data, collected through our analytics system, is used to analyze the use of our service for monitoring and improvement purposes. Processing this data is based on your consent through service usage and our legitimate interests.
2.3 Enquiry, Customer Relationship and Correspondence Data
If you contact us with an enquiry, we may process that enquiry data in order to respond to your request. We collect customer relationship data such as your contact details and communication history in order to manage our customer relationships and promote relevant services. Any correspondence you send us may be retained and processed for communication and record-keeping purposes.
2.4 Notification Data
If you subscribe to our notifications or newsletters, we will process your contact information to send you those communications.
2.5 Client and Communication Data
We collect data about your client application and device used to access our service, including IP address, browser and OS details, hardware specs and device identifiers. We also process data about your communications with other users, including client/usage data for participants, timestamps and duration. This data is needed to properly provide and administer our service.
2.6 Chat Messages
We process the content of messages you send through our servers and services in order to enable communications and service administration. Messages are retained while your account is active and are anonymized after account deletion.
2.7 Ban and Complaint Data
If you are banned for inappropriate behavior, we may process usage data, client data, and an image from your video feed in order to enact and maintain the ban for a set period. Video images are also collected with user complaints about inappropriate behavior. This data is used for service administration and is deleted once the ban expires.
2.8 Product Analytics Data
Our Analytic services collect certain data whenever you visit our site, including your IP address, browser details, pages visited, and visit timestamps/durations. This non-PII log data is used for service administration, analytics and understanding user behavior.
2.9 Legal Purposes
We may process your personal data as needed to establish or defend legal claims, obtain insurance coverage or professional advice, protect our business from risks, comply with legal obligations, or protect someone’s vital interests.
2.10 Moderation Data
We may process your personal data to moderate your use of our service, including text and video chat content, this includes the use of AI services (e.g Hive Moderation) or real moderators to help us moderate our platform. both text messages and video images are periodically reviewed to ensure compliance with our community guidelines. Video images are stored until the suspension period is over or for a set period of time to ensure compliance with our community guidelines.
3. Sharing Your Data
3.1 Public Display
Certain personal data like your display name, age, gender, location may be displayed to other users of our service.
3.2 Service Providers
We may share data with third party service providers in order to operate our service, including:
- Payment processors to handle financial transactions
- Professional advisors for legal, insurance and risk management purposes
- Analytics platforms to understand service usage
3.3 Legal Necessity
We may disclose your data where required by law, to protect someone’s vital interests, or to establish/defend legal claims.
3.4 Peer-to-Peer Connections
Our service may make direct peer-to-peer connections between users’ devices using WebRTC technology, which necessarily reveals IP addresses, though not through the service interface. This is an inherent aspect of peer-to-peer technology.
4. Data Retention and Deletion
We retain your data for as long as your account remains active, you haven’t notified us otherwise, or as long as necessary for the purposes in this policy. We do not retain message content, communication logs, or video images after expiration of any related ban period. You may delete your account and associated data in the application settings. The data will be inaccessible immediately and permanently deleted from our servers after 30 days.
5. Data Security
We utilize industry-standard technical and physical safeguards to protect user data from unauthorized access or illegal processing, including encryption, access controls, firewalls, and secure hosting. However, no security measures are 100% effective, so we cannot guarantee the security of data you transmit to us. Contact us promptly if you suspect a security breach.
6. Children’s Privacy
Our service is not intended for children under 18. We do not knowingly collect data from underage users. If we learn we have collected personal data from a child under 18, we will promptly delete that information. Contact us if you believe we have any data from or about a child under 18.
7. International Data Transfer
Our servers are located in the EU (Germany) and United States, but users access the service globally. You are responsible for understanding the local laws applicable to using our service and sharing your data. Your data may be available worldwide through your use of our service.
8. Policy Changes and Contact Info
We may periodically update this policy. Check this page for the latest version.
Contact Us
Feel free to contact us if you have any questions regarding this Privacy Policy or any of the above statements. You may contact us by emailing [email protected].