GDPR Compliance
How chatdivo handles data protection under the General Data Protection Regulation (GDPR) for EU users.
The contents of this page do not constitute legal advice. For questions about how the GDPR applies to your specific situation, please consult a qualified legal professional.
What is GDPR?
The General Data Protection Regulation (GDPR) is a privacy and data protection law in the European Union (EU). It grants individuals (EU residents) certain rights regarding their personal data, including the right to access, correct, and delete their data.
Does the GDPR apply to you?
If you are based in the EU or if you collect any personal data from individuals located in the EU, the GDPR likely applies to you. Please check with your legal advisor to confirm how GDPR should be implemented in your business operations.
Is chatdivo GDPR-compliant?
chatdivo takes GDPR compliance seriously by implementing industry-standard practices around data protection and privacy. We continuously review our processes and procedures to ensure that we meet or exceed the requirements of the GDPR.
Privacy Policy
Our Privacy Policy explains the data we collect, the purposes, retention periods, and your rights as a data subject.
Encryption
All chatdivo data is encrypted both in transit (HTTPS/TLS) and at rest on our servers.
Data Control
You maintain full ownership of the data you collect and manage through chatdivo.
Data Processing Agreement
We have a standard DPA available. Contact us at support@chatdivo.com if you require a signed agreement.
Data Processing Agreement (DPA)
By creating a chatdivo account and agreeing to our Terms of Service, you enter into a Data Processing Agreement with chatdivo. If you need a separate signed copy or have additional questions, please reach out to us at support@chatdivo.com.
What happens with your data?
chatdivo is a platform for creating AI-powered WhatsApp agents. When you use chatdivo:
- You (the account owner) act as the Data Controller of the conversations and data your agents collect.
- chatdivo is the Data Processor, storing and processing data on your behalf.
As long as your chatdivo account remains active, you control how long data is stored. You can export or delete your conversation data at any time. Once deleted, data is removed from our systems and backups in accordance with our retention policy.
How do we use your personal data?
chatdivo acts as a Data Controller regarding the personal information you provide to register an account and use our service. We do not sell your personal information to third parties or use it for unsolicited marketing.
We share your data only with service providers necessary for the functioning of our platform (e.g., hosting providers, AI model providers, or email delivery). Any third-party sub-processors we use are contractually bound to comply with GDPR.
Sub-processors
We may use the following categories of sub-processors to help deliver the chatdivo service. Each sub-processor has committed to complying with GDPR requirements:
Hosting & Infrastructure
Secure data centers that manage servers and storage.
AI Model Providers
Language model APIs used to power agent responses.
Messaging Platform
WhatsApp Business API via Meta for message delivery.
Email Services
Tools for sending account notifications and alerts.
Analytics
Services that help us improve our product by understanding usage patterns.
Customer Support
Tools that allow us to respond quickly to your questions or issues.
To get the most up-to-date list of our sub-processors, please see our Privacy Policy or contact us at support@chatdivo.com.
Questions about GDPR?
We are committed to ensuring data privacy and security for all users. Please reach out if you have any questions or need further assistance regarding GDPR compliance.
GDPR Compliance at Chatdivo - Protecting Your Data Rights
The General Data Protection Regulation (GDPR) sets the global standard for data privacy and protection. At Chatdivo, we've designed our AI-powered WhatsApp agent platform with GDPR compliance built in from the ground up. This page provides a plain-language overview of our practices - the full compliance documentation is presented above.
Your Rights Under GDPR
As a Chatdivo user, you have the right to access, rectify, or delete your personal data at any time. You can also request a copy of your data in a portable format or object to specific processing activities. We make these rights easy to exercise through your account dashboard or by contacting our data protection team.
How We Process Data
Chatdivo processes data under several legal bases as defined by GDPR. Account data is processed under contractual necessity - we need your email to provide the service. Knowledge base content is processed under legitimate interest to power your AI agent. Customer conversation data from WhatsApp is processed on your behalf as a data processor, with you acting as the data controller.
Sub-Processors and Data Transfers
We use a limited number of sub-processors to deliver our service, including cloud infrastructure providers, AI model APIs, and the WhatsApp Business API via Meta. All sub-processors are vetted for GDPR compliance and bound by data processing agreements. We maintain a current list of sub-processors and notify customers of any changes in advance.
Data Security Measures
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access with principle of least privilege
- Audit Logging: All data access and modifications are logged
- Data Minimization: We collect only what's necessary to deliver the service
Data Processing Agreements
Enterprise and business customers can request a formal Data Processing Agreement (DPA) that outlines our obligations as a data processor. This includes details on data handling, breach notification procedures, and sub-processor management. Review our privacy policy and terms of service for additional legal context.