ChatIQ
ContactSolutionsDocsBlogDashboard
Sign inSign up
ContactSolutionsDocsBlogDashboard
Sign inSign up

Legal Information

Learn how we protect your data, what you can expect from us, and the policies that govern your use of the platform.

Terms of ServicePrivacy PolicySecurityDPA

Data Processing Addendum (DPA)

Data Processing Addendum governing Customer Content processed by ChatIQ on behalf of customers.

Data Processing Addendum (DPA)

Version: 2026-02-05
Effective Date: February 5, 2026

This Data Processing Addendum (“DPA”) is incorporated into and forms part of the Terms of Service. It governs ChatIQ’s processing of Customer Content on behalf of Customers who act as data controllers.

1) Roles

  • Customer is the data controller for end‑user data.
  • ChatIQ is the data processor and processes data only on Customer’s documented instructions as provided through the Services.

2) Scope of Processing

ChatIQ processes Customer Content to provide and support the Services, including hosting, retrieval, analytics, and support workflows configured by Customer.

3) Customer Obligations

Customer is responsible for:

  • Providing end‑user notices and obtaining any required consents
  • Ensuring a lawful basis for processing end‑user data
  • Configuring retention, privacy, and access settings consistent with its obligations
  • Responding to data subject requests and instructing ChatIQ where assistance is needed

4) Confidentiality

ChatIQ ensures that persons authorized to process Customer Content have committed to confidentiality or are under an appropriate statutory obligation of confidentiality.

5) Security Measures

ChatIQ implements administrative, technical, and organizational safeguards aligned with industry standards. Details are summarized in our Security Overview.

6) Subprocessors

ChatIQ uses subprocessors for hosting, databases, analytics, and AI model providers. ChatIQ remains responsible for its subprocessors and will ensure they are bound by obligations substantially similar to this DPA.

Current Subprocessors (as of Effective Date)

  • Supabase – Database, authentication, storage
  • Vercel – Application hosting and deployment
  • OpenAI – AI model inference (as configured by Customer)
  • Sentry – Error monitoring and diagnostics

ChatIQ will provide notice of material subprocessor changes where required by law or contract. Where applicable, Customers may object to a new subprocessor on reasonable grounds related to data protection.

7) International Transfers

Customer Content may be processed and stored in jurisdictions outside the Customer’s country. Where required by applicable law (including Thailand PDPA and GDPR), ChatIQ will implement appropriate safeguards for international transfers, such as standard contractual clauses or equivalent contractual commitments, and will make transfer details available upon request.

8) Data Subject Requests

Customers are responsible for responding to data subject requests. ChatIQ will provide reasonable assistance where required by applicable law and as technically feasible.

9) Retention and Deletion

Customers control retention for end‑user conversations within the Services. ChatIQ will delete or return Customer Content upon termination as required by the Terms, subject to applicable law.

10) Assistance and Logs

ChatIQ will provide reasonable assistance for data subject requests where required by law and technically feasible. ChatIQ maintains audit logs of administrative access and system events for security and compliance purposes, retained according to published retention policies.

11) Personal Data Breach Notification

ChatIQ will notify Customer without undue delay after becoming aware of a personal data breach involving Customer Content and will provide available information to support Customer’s notification obligations. ChatIQ will provide updates as material information becomes available.

12) Audits

Customers may request documentation of ChatIQ’s security practices. Additional audit rights, if any, are governed by the Terms and applicable enterprise agreements.

13) Updates

Material updates to this DPA require re‑acceptance. Continued use of the Services after notice of material changes constitutes acceptance where allowed by law.

Annex A — Details of Processing

Categories of Data Subjects

  • Customer end users and visitors interacting with Customer bots or services
  • Customer administrators and team members

Categories of Personal Data

  • Account and profile data (name, email, role)
  • End‑user conversation content and attachments (as provided by Customer)
  • Usage and analytics data (timestamps, IP address, device/browser metadata)
  • Billing and transaction data (limited to payment identifiers and plan status)

Processing Purpose

To provide, maintain, secure, and improve the Services, including hosting, retrieval, analytics, moderation, and support workflows configured by Customer.

Duration of Processing

For the term of the Services, unless Customer deletes data earlier or applicable law requires longer retention.

Processing Locations

Processing may occur in the United States and other regions where ChatIQ or its subprocessors operate, subject to the safeguards described in Section 7.

Questions: Contact legal@teamchatcode.com.

ChatIQ

Build reliable AI chatbots powered by your team’s knowledge. Secure multi-tenant architecture, instant document ingestion, and guided analytics out of the box.

Product
How it worksFeaturesDemo
Resources
SolutionsBlogDocsContactDashboard
Legal & Preferences
Terms of ServicePrivacy PolicySecurityDPA
© 2026 ChatIQ. All rights reserved.Made with care in distributed workspaces worldwide.