Privacy Policy

Effective Date: November 3rd, 2025

 

This Privacy Policy governs how Chatly (“Chatly,” “we,” “our,” or “us”) collects, uses, discloses, and safeguards personal data when you use our website, applications, and services (collectively, the “Service”). By using the Service you consent to the practices described herein. This Policy may be updated from time to time; material changes will be posted on this page with a new effective date. If you do not agree with this Policy, please do not use the Service.

Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person. This includes, for example, name, email address, and unique identifiers.

  • Data Subject (You): The individual to whom the Personal Data relates – i.e. a user of the Service.

  • Processing: Any operation performed on Personal Data, whether or not by automated means (e.g. collection, storage, use, disclosure, deletion).

  • Controller: The entity that determines the purposes and means of processing Personal Data. In this case, Chatly is the Controller of your data.

  • Processor: An entity that processes Personal Data on behalf of the Controller(e.g. our cloud host, analytics providers, payment processor).

  • Third Party: Any natural or legal person, authority or body other than you, the Controller, and the Processor, who may process data. Examples include service vendors and advertisers.

  • Service: The Chatly platform, including our website and mobile applications, and all related functionality.

  • Cookies: Small text files or similar data stored on your device by your browser or app to recognize you, remember preferences, or collect analytics. Cookies and similar technologies may be first-party (set by us) or third-party (set by our partners).

These terms are used throughout this Policy. If you have any questions about these definitions or this Policy, please contact us (support@chatlyai.app).

Data We Collect

Chatly collects various categories of data, either that you provide directly or that is collected automatically when you use the Service. We describe each category, the types of data included, and how it is collected:

  • Account and Contact Information: When you sign up or create an account, we collect personal identifiers and contact data such as your name, email address, user ID, and any other information you furnish (e.g. profile details). You provide this data directly. We use it to create and manage your account, authenticate you, and communicate with you about the Service. We base this processing on the performance of our contract with you (account provisioning) or your consent. We retain this data for as long as you have an account and as needed to comply with legal obligations. For example, many privacy notices note collecting email and account names for account management.

  • Authentication Data: If you log in using third-party services (e.g. Google or Apple), we may collect the account name or identifier supplied by that service . This allows single-sign-on and is processed under the contract we have with you.

  • Device and Usage Data: We automatically collect technical information about your device and how you use the Service. This includes your IP address, device type (mobile, desktop, etc.), operating system, browser type and version, and log data such as access times, pages or features used, session length, and crash reports. These are collected through cookies, log files, and analytics tools. For example, like other services we collect log data (IP, browser, OS) for security and diagnostics. We process this data based on our legitimate interests (to provide and improve the Service, ensure security) and legal obligations (e.g. fraud prevention). We retain logs and usage data only as long as necessary for these purposes (see Retention).

  • Cookies and Tracking Data: We and our partners use cookies, web beacons, and similar technologies to improve the user experience and analyze usage. Some cookies are essential (“strictly necessary”) for core functionality (e.g. keeping you logged in, storing your preferences); others are non-essential (e.g. analytics, performance, or advertising cookies) which we use only with your explicit consent . Our cookie policy (below) explains the categories of cookies we use. You may at any time withdraw consent or disable cookies via our cookie banner or your browser settings.

  • Payment Data: If you make purchases or subscribe to paid services, we collect information necessary to process payment and billing. However, Chatly does not itself collect or store full credit card numbers, CVV codes, or other sensitive payment data. All payments are processed by our payment processor, Stripe. Stripe securely handles the card data and provides Chatly only with anonymized or tokenized transaction details. In line with standard practice, we never retain full card numbers or CVVs. We record billing history and order information (such as transaction IDs, dates, and amounts) as needed to manage subscriptions and for auditing.

  • Communications Data: When you contact us (for example, via email, chat, or support tickets), we collect the information you provide (name, email, support questions, and any attachments) to respond to your inquiries. We process this data on the basis of our contractual relationship (support for services) and/or our legitimate interest in providing customer support. We retain these communications as long as necessary to resolve your request and for any follow-up service or legal compliance.

  • Analytics and Marketing Data: We use third-party analytics (e.g. Google Analytics, etc.) to measure and improve the Service. These tools may collect aggregated usage statistics (such as pages visited, duration, feature use) and, with consent, tracking data for advertising (e.g. interest-based advertising cookies). Any analytics or marketing data we collect (cookies, clickstreams, survey responses) is used in anonymized or aggregated form, unless you have opted in to personalized marketing. Our legal basis for analytics is usually our legitimate interest (improving the Service) or your consent (for non-essential cookies and marketing).

We collect information directly from you (e.g. account registration, surveys, support), and automatically through your use of the Service. Some data may also be obtained from third parties (for example, your authentication provider, publicly available sources, or analytics platforms).

How We Use Your Data

We use the collected data for the following purposes, in accordance with applicable law and our contractual obligations:

  • Provision of Services: We use your Personal Data to provide and deliver the features and functionality of Chatly. This includes creating and managing your account, processing your requests, responding to messages or queries, and providing any services you have requested. For example, we use your email to send notifications and verify your account. We also use your information to maintain and improve the quality of our Service – debugging issues, developing new features, and personalizing your experience. (This is consistent with standard practices where companies use data to enhance services.)

  • Communications and Support: We use your contact data to communicate with you about your account, service updates, and policy changes. We may send you transactional emails (password resets, receipts) or important notices. With your consent, we may also send you newsletters or marketing information; you can opt out of marketing communications at any time. All support inquiries you submit are used solely to respond and improve support.

  • Security and Fraud Prevention: We use technical data (logs, device info) to secure our systems and protect against unauthorized access, attacks, or fraud. For example, as in many platforms, we pursue our legitimate interest in network and information security and fraud prevention. We monitor for suspicious activity, analyze threats, and enforce policies (for instance, we may restrict accounts or block IP addresses involved in abuse).

  • Analytics and Performance: We aggregate and analyze usage statistics to understand how the Service is being used and to improve performance and reliability. For instance, we may analyze page views, feature usage, and user engagement to identify improvements. Such analytics help us optimize content, fix bugs, and plan new features.

  • Advertising and Marketing: If we engage in advertising, we may use your data to provide relevant ads or content. This is done only with your consent or as otherwise permitted (e.g. we may analyze demographics or aggregate data for targeting purposes). Any use of data for marketing will comply with your preferences and applicable law. You can opt-out of receiving promotional emails by using the “unsubscribe” link or contacting us.

  • Legal Compliance and Enforcement: We use and preserve your information to comply with legal obligations, resolve disputes, and enforce our agreements. For example, we may retain data to comply with tax, accounting or law enforcement requirements. If required by law or legal process (such as a subpoena or court order), we may disclose your information to authorities. We may also use data to defend against legal claims or to enforce our Terms of Service.

In all cases, we use only the data needed to fulfil a purpose, and we do not keep personal data longer than necessary for that purpose.

Cookies and Tracking Technologies

We use cookies and similar technologies on our website and apps. A cookie is a small data file stored on your device by your browser. Cookies serve various purposes:

  • Strictly Necessary Cookies (Essential): These cookies are required for the basic operation of our Service (for example, keeping you logged in or remembering your preferences during a session). Without these cookies, certain features of the Service would not function. We use essential cookies by default and do not require your consent for them, although we inform you of their use.

  • Performance/Analytics Cookies: These cookies collect information about how you use the Service (pages visited, time spent, error logs, etc.) to help us improve performance and fix issues. The data is aggregated and does not personally identify you. We only use performance cookies with your consent.

  • Targeting/Advertising Cookies: These cookies track your behavior and preferences across websites to serve you relevant advertisements or marketing content. We only use targeting cookies if you explicitly consent to them. These cookies may be set by third parties (e.g. ad networks) and allow them to display personalized ads when you visit other sites.

We also use other tracking technologies (such as local storage and web beacons) in a similar manner. Any analytics or advertising features on our Service will only activate if consent is given, except for strictly necessary cookies. We will never use cookies to collect sensitive information (like health or financial details) without explicit consent.

Third-Party Sharing

We do not sell your personal data. However, we may share your information with the following categories of third parties, as necessary to provide the Service or as required by law:

  • Service Providers and Processors: We engage trusted third-party vendors to perform services on our behalf. These include cloud hosting providers, IT support, data storage, customer service platforms, email delivery, analytics providers, and payment processors (Stripe). For example, we share payment information with Stripe so they can charge your card; we share usage metrics with analytics services to monitor performance. In each case, these providers may only use your data to perform the service on our instructions. For instance, many privacy policies note sharing data with hosting, analytics, and payment processors.

  • Payment Processors (Stripe): As noted above, Stripe is our exclusive payment processor. When you make a payment, Stripe collects your payment details directly in a secure payment flow. Chatly never sees or stores your full credit card number or CVV. We receive only payment confirmation and a tokenized form of your payment method for managing subscriptions. Stripe is PCI-compliant and processes card data under its own privacy rules; we refer you to Stripe’s policies for details.

  • Business Partners: If you choose to connect Chatly with other services (for example, granting a third-party app access to your Chatly data), we may share relevant information with those partners per your authorization. We share data only for the specific purposes you authorize.

  • Legal and Safety: We may share your data with law enforcement, regulators, or other third parties if we believe in good faith that disclosure is necessary to comply with a legal obligation (e.g. respond to a subpoena), to protect someone’s vital interests, to prevent fraud or abuse, or to enforce our agreements. We also cooperate with courts or government authorities as required.

  • Business Transfers: If Chatly undergoes a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the new entity, subject to confidentiality obligations. In such an event, the successor entity will assume the rights and obligations regarding your data as described in this Policy.

Whenever we share data, we require recipients to protect that data in accordance with this Policy and applicable law. We enter into contracts (Data Processing Agreements) with our service providers to ensure they use the data only as permitted by us. Except as described above, we do not disclose your personal data to third parties for their own marketing or other purposes without your consent.

Payments and Stripe

Chatly uses Stripe as our exclusive payment processing partner. All transactions (subscriptions, purchases) are handled through Stripe’s secure, PCI-compliant platform. We do not collect or store your raw payment card data. As noted, Stripe will collect your card number, expiration date, and CVV when you pay, but Chatly receives only a token or receipt of payment. As one privacy policy explains: “All payment card data is processed and stored securely by Stripe. We never store your full credit card numbers, CVV codes, or other sensitive payment information on our servers”. We encourage you to review Stripe’s privacy policy for more information on how they handle data. In summary, Chatly only retains the information necessary to fulfill and record the transaction (such as billing name, masked card digits, transaction date and amount) and promptly deletes or anonymizes it when no longer needed.

Your Rights

You have certain rights regarding your Personal Data, subject to applicable law. These rights include (where applicable):

  • Right to Access – You can request confirmation whether we are processing your data and obtain a copy of the personal data we hold about you.

  • Right to Erasure (Right to be Forgotten) – You can request that we delete your personal data under certain circumstances (for example, if it is no longer necessary for the purposes collected).

  • Right to Portability – You have the right to request a copy of your data in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller if technically feasible.

  • Right to Restrict Processing – You may ask us to restrict or suspend processing your data under certain conditions (e.g. pending a dispute over accuracy).

  • Right to Object – You may object to our processing of your data (for example, object to marketing or profiling activities). We will honor valid objections unless we have compelling legitimate grounds for continuing the processing.

  • Right to Withdraw Consent – If we rely on your consent for any processing (for example, non-essential cookies or promotional emails), you can withdraw that consent at any time. This will not affect the lawfulness of processing carried out before withdrawal.

To exercise any of the above rights, please submit a request to support@chatlyai.app . We may require you to verify your identity before responding. We will respond within the timeframes required by applicable law. We will not discriminate against you for exercising your rights. (For example, as Stripe’s policy notes, you have rights to access, rectify, erase, restrict, or export your data.)

Security

We take the security of your data very seriously and implement industry-standard measures to protect it. Our technical and organizational safeguards include:

  • Encryption: We use encryption (e.g. TLS/HTTPS) to protect data in transit, and we encrypt stored sensitive data where appropriate.

  • Access Controls: Access to personal data within Chatly is strictly limited. Only authorized personnel and systems that need the data to perform their jobs have access. We use role-based access and strong authentication to prevent unauthorized access.

  • Data Minimization and Segmentation: We minimize the amount of data collected and store it only for as long as necessary. Payment card details are immediately tokenized or handled by Stripe so we do not retain raw card data. Personal data is logically separated and secured in our databases.

  • Auditing and Monitoring: We maintain logs of access to personal data and routinely audit our systems to detect and respond to suspicious activity. We monitor our networks and systems for unauthorized access attempts or breaches.

  • Employee Training and Policies: We train our staff on data protection and privacy. All employees and contractors with access to personal data are bound by confidentiality agreements and must follow our internal security policies.

  • Third-Party Contracts: As mentioned, we require all third-party providers to implement adequate security measures. We enter into data protection agreements to ensure they protect your data as required by law.

Despite these measures, no system can be 100% secure. In the unlikely event of a data breach affecting your personal information, we will comply with applicable breach notification laws and promptly notify affected users and authorities as required.

Data Retention and Deletion

We retain your personal data only for as long as necessary to fulfill the purposes outlined above, and to comply with legal, tax, accounting, or reporting obligations. In general, this means:

  • Account Data: We retain your account information while your account is active. If you delete your account or discontinue using the Service, we will delete your personal data promptly – typically within 30 days of account termination – except for information we must keep for legal reasons.

  • Payment and Billing Data: Transaction records and billing history may be retained as long as required by financial regulations. However, detailed payment credentials (card numbers, CVVs) are not stored by us at all.

  • Logs and Security Data: Usage logs, error reports, and security monitoring data are retained for a limited period (e.g. several months to a few years) to maintain system integrity and detect fraud. These retention periods are aligned with industry practices and legal guidelines.

  • Communications: Support emails and correspondence are kept as long as needed to address your inquiries and for reference in any ongoing support or legal matters.

  • Analytics Data: Aggregated and anonymized analytics may be retained indefinitely for product development purposes. Any personal identifiers in analytics data are removed or masked.

If you have questions about how long we keep specific data, please contact us. Upon your request, we will deactivate or delete your account and data in accordance with this Policy and any legal retention requirements.

Children’s Privacy

Chatly’s Service is not intended for minors. We do not knowingly collect personal information from anyone under the age of 13 in the United States, or under the age of 16 in the European Union. If we learn that we have inadvertently received personal information from a child below these ages, we will promptly delete that information. If you believe we might have information from a child, please contact us so we can take appropriate steps. Parents and guardians should always supervise their children’s online activities.

Changes to This Policy

We may modify or update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will revise the “Last Updated” date at the top and post the new Policy on our website. We may also notify you of changes through the Service (for example, via an in-app notice or email). Continued use of the Service after such changes constitutes acceptance of the new Policy. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, or if you wish to exercise your data protection rights, please contact us at support@chatlyai.app. We will respond to your inquiries and requests as required by applicable law.