This Privacy Policy aims to clarify the relevant rules for Chacha AI Software (hereinafter referred to as “This Software”) for collecting, using, storing, transmitting, and disclosing users‘ personal data, protecting users‘ personal data rights and interests, and conforming to international data protection standards (including, but not limited to, the European Union‘s General Data Protection Regulation (GDPR)), applicable to all users who use this Software. By using this Software, you are deemed to have read, understood, and agreed to all the terms of this Policy. If you have any questions, please contact us via email andviadakis@agrotechnikigiannakoula.com.
1. Definition and scope
1.1 Definitions
1.1.1 Personal Data: Means any information that can directly or indirectly identify a specific natural person, including but not limited to names, email addresses, phone numbers, IP addresses, device identifiers, usage records, etc., that conforms to the requirements defined by the GDPR for personal data.
1.1.2 Users: Means any natural person, corporation, or other organization that downloads, installs, registers, and uses this Software.
1.1.3 Data Processing: Means any operation performed on personal data, including collection, recording, storage, use, transmission, disclosure, deletion, etc., that conforms to the relevant requirements of the International Data Protection Regulations.
1.2 Applicability Scope
1.2.1 This Policy applies to all functional modules and service scenarios of this Software, including but not limited to user registration, login, AI interactions, data storage, feature upgrades, etc.
1.2.2 This Policy does not apply to links, plugins, or services provided by third parties through this Software, and the privacy policies for third-party services are determined by their own discretion and are independent of this Software.
2. Collection of Personal Data
2.1 Collecting Principles
2.1.1 Legitimacy Principles: We collect user personal data only when necessary to obtain the user‘s explicit consent, to comply with legal obligations, or to implement the core functionality of the software. We do not collect or steal user data illegally.
2.1.2 Minimum Required Principle: Collect only the personal data necessary to implement the software functionality, do not collect redundant data unrelated to the software functionality, and ensure that the scope of data collection matches the purposes of use.
2.1.3 Transparency Principle: Before collecting user data, clearly inform users of the purpose, scope, and method of collecting user data, ensuring that users are aware and have the freedom to choose whether to provide it.
2.2 Scope and method of collection
2.2.1 Registration and Login Data: Information such as the user‘s name, email address, password (encrypted storage), etc., voluntarily provided when the user registers and logs in to this Software, is used for authentication and account management.
2.2.2 Use behavioral data: Users use the interaction records, query content, operation logs, and device information (device model, operating system, IP address, device identifier) generated during the process of using this software, etc., to optimize software performance and improve the quality of AI services.
2.2.3 Third-Party Data: If a user logs in to this Software through a third-party platform (such as Google, Facebook, etc.), we will obtain user-authorized basic information (such as username, profile picture) through the third-party interface for account association, without additional collection of other data from the third-party platform.
3. Usage of Personal Data
3.1 Purpose of Use
3.1.1 Implement core software functions: Use for user authentication, account login, AI interaction responses, service push, etc., ensuring the software runs properly.
3.1.2 Optimize software services: Analyze user usage behavior data, optimize AI algorithms, improve feature experience, fix software vulnerabilities, and improve service stability and suitability.
3.1.3 Compliance and Security Guarantee: Used to prevent account theft, fraud, etc. risks, fulfill international data protection laws and regulations, and ensure the security of user data.
3.2 Use Restrictions
3.2.1 Use of the data does not exceed the scope authorized by the user, and for use of the data for purposes not specified in this Policy, written consent from the user is required again.
3.2.2 User personal data will not be used for any commercial advertising push unless expressly authorized by the user.
3.2.3 After anonymizing the user‘s personal data, it can be used for non-identifying purposes such as AI model training, industry data analysis, and so on. The anonymized data does not contain any information that can identify the user.
4. Storage and security of personal data
4.1 Storing Methods and Durations
4.1.1 Location of storage: User personal data is stored on servers that comply with international data protection standards, located within the European Union, and is not stored in any region that does not comply with data protection requirements.
4.1.2 Storage Period: User Personal Data will be stored only for the period necessary to fulfill the purposes of use stipulated in this Policy. After the period is exceeded, anonymizing processing or complete deletion measures will be taken as per law to ensure that the data cannot be recovered.
4.1.3 Storage security: Security measures such as encryption technologies (including transmission encryption, storage encryption), access control, and firewalls are implemented to prevent user data from being leaked, tampered with, stolen, or lost.
4.2 Security Assurance Measures
4.2.1 Technical Assurance: Regular security testing of servers, vulnerability remediation, and industry-leading security technology to ensure the security of data transmission and storage.
4.2.2 Employee Security: Strict permissions management and privacy training for employees who have access to user data, clear job responsibilities, and prohibition of unauthorized access and use of user data.
4.2.3 Emergency Handling: Establish a data security emergency response mechanism. If security incidents such as data leakage or loss occur, remedial measures will be taken promptly, and users and relevant regulatory bodies will be notified according to the requirements of relevant international laws and regulations.
5. Transfer and disclosure of personal data
5.1 Data Transfer
5.1.1 Data transfer is carried out only in the context of implementing software functions and fulfilling legal obligations. Encryption techniques are used during the transfer process to ensure the security of data transfer.
5.1.2 If the transfer of user data to a region outside the EU is required, it will ensure that that region has the same level of data protection as the EU GDPR, or obtain the explicit consent of the user, and take the necessary security measures.
5.2 Data Disclosure
5.2.1 Do not disclose the user‘s personal data to any third party at will, unless obtained with the explicit written consent of the user.
5.2.2 Those who need to disclose user data due to the requirements of laws, regulations, judicial authorities or regulatory bodies will comply with disclosure obligations according to law and notify users promptly (unless prohibited by law).
5.2.3 When disclosing data to third party partners providing technical support, server hosting, etc. services for this Software, a strict privacy protection agreement will be signed, requiring the third party to comply with the relevant requirements of this Policy, and not to use or disclose user data without authorization.
6. Users‘ rights
6.1 Data Access Rights: Users have the right to access their personal data at any time, inquire about the collection, use, storage, and disclosure of data, which can be requested through in-software features or by contacting email.
6.1.1 After a user submits an access request, we will respond within 15 business days by providing the user with the required copy of personal data (compliant with international data protection regulations).
6.2 Data Correction Right: If users discover that their personal data is incorrect or incomplete and have the right to request correction, we will correct it promptly after verification and notify users.
6.3 Data deletion right: Users have the right to request the deletion of their personal data, and we will complete the deletion within 15 working days if the following conditions are met: the data is no longer necessary for use, the user withdraws consent, the software ceases to provide related services, etc.
6.3.1 Upon data deletion, the associated backup data will be completely deleted within a reasonable period of time and cannot be recovered; anonymized data is not subject to deletion rights.
6.4 Right to withdraw consent: Users have the right to withdraw their consent to data collection, use, and disclosure at any time, and upon withdrawal of consent, we will stop related data processing activities, but this does not affect the legality of data processing that was completed before withdrawal.
6.5 Complaints and Claims Rights: If users believe their data rights have been infringed, they can lodge complaints and complaints through the contact email stipulated in this Policy. We will process them and provide feedback within 10 working days.
7. Third-party service descriptions
7.1 The Software may contain links, plug-ins, or services provided by third parties (such as third-party logins, payment interfaces, etc.), and the privacy policies of third-party services are determined independently of the Software.
7.1.1 When users use third-party services, they are subject to the third-party‘s privacy policy. The third-party is solely responsible for the collection and use of user data, and this Software assumes no responsibility.
7.2 We only provide third parties with the minimum amount of data necessary to perform the Services, and we have signed a privacy protection agreement with the third parties, requiring them to strictly protect user data and prohibiting its unauthorized use for other purposes.
8. Policy Updates and Dispute Resolution
8.1 Policy Updates: This Policy will be updated on a timely basis based on changes in international data protection laws and regulations, and upgrades to software functionality. Updates will be published in prominent locations of the software, and will take effect upon expiration of the publication period.
8.1.1 If a Policy update involves changes to users‘ core interests, we will notify users via email, software push, etc., and users‘ continued use of this software will be considered as consenting to the updated Policy.
8.2 Dispute Resolution: Disputes arising from or related to this Policy should first be resolved through friendly negotiation; if negotiation fails, any party has the right to bring a lawsuit to the court with jurisdiction where the software operating entity resides.
8.3 Contact: If you have any questions, complaints, complaints about this Policy, or need to exercise your data-related rights, please email to andviadakis@agrotechnikigiannakoula.com and we will respond to you promptly.