Skip to main content

AI compliance

Understanding compliance requirements

GDPR Overview

The General Data Protection Regulation (GDPR) is Europe’s primary data protection law. For Chatty users, this means:

  • Collecting only necessary customer data
  • Being transparent about data usage
  • Protecting user privacy rights
  • Ensuring secure data handling

The AI Act is new EU legislation establishing guidelines for AI systems like chatbots. Key points:

AI Act Overview

  • Clear disclosure of AI interaction
  • Prevention of discriminatory decisions
  • Transparency in AI operations
  • Regular risk assessments

What we are in this context

Shopify store owners (data controller)

As a Shopify store owner using Chatty, you are the data controller. This means you:

  • Decide how customer data is used
  • Set purposes for data collection
  • Ensure proper customer notification
  • Maintain an updated privacy policy

Chatty (data processor)

We act as the data processor, meaning we:

  • Process data according to your instructions
  • Implement security measures
  • Handle data per GDPR requirements
  • Provide necessary compliance tools

How Chatty ensures compliance

Data collection

✓ Minimal data collection

  • Only essential information is collected
  • No unnecessary personal data storage
  • Clear purpose for all data points

✓ Transparent processing

  • Clear notification of AI usage
  • Explicit data usage explanations
  • No hidden data collection

Security measures

✓ Data protection

  • End-to-end encryption
  • Regular security audits
  • Secure data storage

✓ Access controls

  • Limited staff access
  • Role-based permissions

What data we collect & why

For Merchants (Shopify store owners)

  • Chat messages & conversations: Stored to provide customer support history and improve AI responses
  • Store information: Basic store data from Shopify to enable app functionality
  • Customer service settings: Your configuration preferences for the chatbot
  • Usage analytics: Anonymous usage data to improve app performance

For end users (store customers)

  • Chat content: Messages sent through the chat widget
  • Order information: Only when provided by customers for order tracking
  • No additional personal data: We don’t collect emails, phone numbers, or other personal information through the chatbot unless explicitly provided for customer service purposes

How we use your data

Primary uses

  • Providing customer support functionality
  • Improving AI responses and suggestions
  • Maintaining chat history for merchants
  • Processing order tracking requests

What we don’t do

  • No data selling to third parties
  • No advertising use
  • No unauthorized data sharing

Quick reminder: Add this privacy text to your site before turning on the chatbot. Feel free to modify it for your store.

Our site uses Chatty AI for customer support. Here's what you should know:
- We only use messages to help answer your questions
- We don't collect personal info unless needed for customer service
- All chats are private and encrypted
- Your data is never used for ads

Last updated: February 2025