Data Policy Chathive
Introduction
This document provides a clear overview of the data and privacy guidelines for customers using Chathive, a chat service that uses GPT technology from OpenAI and Azure OpenAI Service in the background. We address topics such as GDPR compliance, how data is used and stored, and the general security protocols that Chathive observes.
GDPR Compliance
Chathive places great importance on the privacy and security of user data and is fully compliant with the General Data Protection Regulation (GDPR) of the European Union.
To ensure robust data protection, Chathive lets the customer decide what LLM vendors to use:
Azure OpenAI Service, which guarantees data residency within the European Union. For more information, please consult:
Or use OpenAI itself for faster response times and more up-to-date models. OpenAI also adheres to GDPR standards but does not offer EU data residency. More information about OpenAI's security and compliance is available at:
Both Open AI and Azure Open AI ensure that data sent via its API is not retained beyond 30 days and is not used to train AI models.
Use and Storage of Data
Your data is treated with the utmost care. Chathive uses data centers located in Belgium and the Netherlands (Google Cloud in Belgium and DigitalOcean in the Netherlands). These centers were specifically chosen to ensure redundancy, high availability, and strict compliance with GDPR regulations.
Key Storage Details:
- Data centers: Belgium and the Netherlands
- Azure OpenAI Service: Ensures EU data residency OR OpenAI API: Directly that doesn't have the EU data residency guarantee.
- Backups: Retained within the EU
Ongoing Backups
Chathive employs ongoing backups to ensure the safety and integrity of your data. These backups are securely stored within the EU and are retained for up to one year.
Procedure for Deleting Data
Within the Chathive platform, we use a 'soft delete' method for managing deleted data, meaning data is initially marked as deleted but not permanently removed. However, if an end user explicitly requests the removal of their data, we will proceed with a 'hard delete,' ensuring the data is permanently removed from all systems.
Customers can submit a formal data deletion request at any time by contacting: [email protected]. We will fulfill such requests, provided they do not compromise compliance or operational integrity.
Anonymous Nature of the Collected Data
Chathive prioritizes the protection of personal data. We collect personal data from users only when explicit consent has been obtained. For example, features like 'Human Handover' require explicit user consent before storing personal data.
Users may occasionally enter personal data into the chat outside of these specific features. In such cases, these messages are treated according to our general storage policies.
No Fine-Tuning of Models
Chathive does not use the fine-tuning capabilities offered by OpenAI. Your data is exclusively stored in our own databases and not at OpenAI. This ensures an additional layer of security and data privacy.
Data Protection Officer (DPO)
Brecht Valcke serves as Chathive's Data Protection Officer (DPO). If you have any questions or concerns about data protection, you can reach the DPO by emailing [email protected]. Your inquiries will be redirected to the DPO for appropriate handling.
Conclusion
Chathive is a safe and compliant chat service, adhering to strict privacy and security standards. By leveraging Azure OpenAI Service, we ensure your data remains within the European Union while providing advanced GPT-based functionalities.
For additional questions or clarifications, please contact our customer service at [email protected].