AI Compliance

Understanding compliance requirements

GDPR Overview

The General Data Protection Regulation (GDPR) is Europe's primary data protection law. For Chatty users, this means:

• Collecting only necessary customer data

• Being transparent about data usage

• Protecting user privacy rights

• Ensuring secure data handling

AI Act Overview

The AI Act is new EU legislation establishing guidelines for AI systems like chatbots. Key points:

• Clear disclosure of AI interaction

• Prevention of discriminatory decisions

• Transparency in AI operations

• Regular risk assessments

What we are in this context

Shopify store owners (data controller)

As a Shopify store owner using Chatty, you are the data controller. This means you:

• Decide how customer data is used

• Set purposes for data collection

• Ensure proper customer notification

• Maintain an updated privacy policy

Chatty (data processor)

We act as the data processor, meaning we:

• Process data according to your instructions

• Implement security measures

• Handle data per GDPR requirements

• Provide necessary compliance tools

How Chatty ensures compliance

Data collection

✓ Minimal data collection

• Only essential information is collected

• No unnecessary personal data storage

• Clear purpose for all data points

✓ Transparent processing

• Clear notification of AI usage

• Explicit data usage explanations

• No hidden data collection

Security measures

✓ Data protection

• End-to-end encryption

• Regular security audits

• Secure data storage

✓ Access controls

• Limited staff access

• Role-based permissions

What data we collect & why

For Merchats (Shopify store owners)

• Chat messages & conversations: Stored to provide customer support history and improve AI responses

• Store information: Basic store data from Shopify to enable app functionality

• Customer service settings: Your configuration preferences for the chatbot

• Usage analytics: Anonymous usage data to improve app performance

For end users (store customers)

• Chat content: Messages sent through the chat widget

• Order information: Only when provided by customers for order tracking

• No additional personal data: We don't collect emails, phone numbers, or other personal information through the chatbot unless explicitly provided for customer service purposes

How we use your data

Primary uses

• Providing customer support functionality

• Improving AI responses and suggestions

• Maintaining chat history for merchants

• Processing order tracking requests

What we don't do

• No data selling to third parties

• No advertising use

• No unauthorized data sharing

Our site uses Chatty AI for customer support. Here's what you should know:
- We only use messages to help answer your questions
- We don't collect personal info unless needed for customer service
- All chats are private and encrypted
- Your data is never used for ads

FAQs