Privacy Policy

How Chat101 and Appuix, Inc. collect, use, and protect your information.

📅 Last Updated: January 9, 2026

1. Introduction

Chat101 is a product of Appuix, Inc., a Delaware corporation headquartered in Tampa, Florida, United States. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-native customer support platform and related services.

Company Information:
Appuix, Inc.
Tampa, Florida, USA
Email: privacy@chat101.ai
Data Protection Officer: dpo@appuix.xyz

By accessing or using Chat101, you agree to this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, company name, job title, billing address
  • Payment Information: Credit card details, billing information (processed through secure third-party payment processors)
  • Communications: Support tickets, emails, chat messages, feedback, and survey responses
  • User Content: Knowledge base articles, training data, custom configurations you upload to the platform

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent, click patterns, error logs
  • Cookies and Similar Technologies: Session cookies, persistent cookies, pixel tags, web beacons
  • Log Data: Server logs, access times, referring URLs

2.3 Information from Third Parties

  • Authentication Providers: Data from SSO, OAuth, SAML, or Auth1 providers
  • Integration Partners: Data from connected services (Shopify, Zendesk, Salesforce, etc.)
  • Analytics Providers: Aggregated analytics data

2.4 Customer End-User Data

When you use Chat101 to provide customer support, we process data about your customers ("End-Users") on your behalf. This may include:

  • Names and contact information
  • Support conversation content
  • Transaction and order information
  • Any data you configure Chat101 to collect or process
Important: You are the data controller for End-User data. We process this data as a data processor under your instructions. You are responsible for ensuring you have appropriate consent and legal basis to collect and process End-User data through Chat101.

3. How We Use Your Information

We use the information we collect for the following purposes:

Purpose Legal Basis (GDPR)
Providing and maintaining Chat101 services Contract performance
Processing payments and billing Contract performance
Customer support and communications Contract performance / Legitimate interest
Training and improving AI models Legitimate interest / Consent
Analytics and service improvement Legitimate interest
Marketing communications (with consent) Consent
Security and fraud prevention Legitimate interest / Legal obligation
Legal compliance Legal obligation

3.1 AI Model Training

Chat101's self-learning AI improves through interactions. By default:

  • Your tenant's AI model is trained only on data from your organization
  • Training data is isolated and not shared with other tenants
  • You can opt out of model training in your account settings
  • We do not use End-User personal data for training our general models without explicit consent

4. Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

4.1 Service Providers

We work with third-party companies that help us operate our business:

  • Cloud Infrastructure: Amazon Web Services (AWS)
  • Payment Processing: Stripe
  • Analytics: Google Analytics (with IP anonymization)
  • Email Services: SendGrid, Mailgun
  • Authentication: Auth1

All service providers are contractually obligated to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information if required by law, regulation, legal process, or governmental request, including to:

  • Comply with a subpoena, court order, or legal process
  • Protect the rights, property, or safety of Chat101, our users, or others
  • Enforce our Terms of Service
  • Detect, prevent, or address fraud, security, or technical issues

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred. We will notify you of any such change and any choices you may have regarding your information.

4.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our services.

5.1 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Required for basic site functionality, authentication, security Session / 1 year
Functional Remember preferences, language settings, login status 1 year
Analytics Understand how visitors use our site, improve performance 2 years
Marketing Deliver relevant ads, measure campaign effectiveness 90 days

5.2 Managing Cookies

You can control cookies through:

  • Cookie Consent Banner: Manage preferences when you first visit our site
  • Browser Settings: Most browsers allow you to refuse or delete cookies
  • Opt-Out Links: Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout
Note: Disabling essential cookies may affect the functionality of Chat101.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy:

  • Account Data: Retained while your account is active, plus 30 days after deletion request
  • Billing Records: 7 years (legal/tax requirements)
  • Support Conversations: 90 days after resolution (configurable per tenant)
  • Training Data: Retained until you request deletion or close your account
  • Log Data: 12 months
  • Analytics Data: 26 months (anonymized)

You can request earlier deletion of your data, subject to legal retention requirements.

7. GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

Right Description
Access Request a copy of the personal data we hold about you
Rectification Request correction of inaccurate or incomplete data
Erasure Request deletion of your personal data ("right to be forgotten")
Restriction Request limitation of processing in certain circumstances
Portability Receive your data in a structured, machine-readable format
Objection Object to processing based on legitimate interests or for marketing
Withdraw Consent Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@chat101.ai or dpo@appuix.xyz. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority in your country of residence.

7.1 Data Processing Agreement

For customers using Chat101 to process End-User data, we offer a Data Processing Agreement (DPA) that includes Standard Contractual Clauses for international data transfers. Contact legal@appuix.xyz to request a DPA.

8. CCPA Rights (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights:

  • Right to Know: Request information about the categories and specific pieces of personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the "sale" of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at privacy@chat101.ai or call 1-888-CHAT101.

8.1 Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

  • Identifiers (name, email, IP address)
  • Commercial information (purchase history, billing records)
  • Internet activity (browsing history, usage data)
  • Professional information (job title, company)
  • Inferences drawn from the above

9. HIPAA Compliance

Healthcare Customers: Chat101 offers HIPAA-compliant configurations for healthcare organizations handling Protected Health Information (PHI).

9.1 Business Associate Agreement

If you are a Covered Entity or Business Associate under HIPAA and will use Chat101 to process Protected Health Information (PHI), we will enter into a Business Associate Agreement (BAA) with you before you process any PHI through our platform.

9.2 HIPAA Security Measures

For customers with a BAA in place, Chat101 implements:

  • Administrative Safeguards: Security policies, workforce training, access controls, incident response procedures
  • Physical Safeguards: Data center security, workstation policies, device controls
  • Technical Safeguards: Encryption at rest and in transit (AES-256, TLS 1.3), audit logging, automatic session termination, unique user identification

9.3 PHI Handling

  • PHI is stored in dedicated, encrypted databases
  • Access to PHI is logged and auditable
  • PHI is not used for AI model training unless explicitly authorized
  • We will report any breach of unsecured PHI within 72 hours

To request a BAA or discuss HIPAA compliance, contact compliance@appuix.xyz.

10. Data Security

We implement comprehensive security measures to protect your data:

10.1 Technical Security

  • Encryption: All data encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Infrastructure: SOC 2 Type II certified data centers
  • Access Control: Role-based access, multi-factor authentication
  • Monitoring: 24/7 security monitoring, intrusion detection
  • Backups: Regular encrypted backups with geographic redundancy

10.2 Organizational Security

  • Background checks for employees with data access
  • Regular security training
  • Incident response procedures
  • Regular security audits and penetration testing

10.3 Security Certifications

  • SOC 2 Type II
  • GDPR compliant
  • HIPAA compliant (with BAA)
  • PCI DSS compliant (payment processing)

11. International Data Transfers

Chat101 is operated from the United States. If you are accessing our services from outside the US, please be aware that your information may be transferred to, stored, and processed in the United States.

11.1 Transfer Mechanisms

For transfers from the EEA, UK, or Switzerland, we rely on:

  • Standard Contractual Clauses (SCCs): EU-approved contract terms for data transfers
  • Data Processing Agreements: With appropriate security measures
  • Adequacy Decisions: Where applicable

11.2 Data Residency Options

Enterprise customers can request data residency in specific regions (EU, US, or other available regions). Contact sales@chat101.ai for options.

12. Children's Privacy

Chat101 is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@chat101.ai, and we will delete such information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date at the top
  • Sending an email notification (for material changes)
  • Displaying a notice in the Chat101 dashboard

We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Appuix, Inc.
Tampa, Florida, USA

General Inquiries:
Email: privacy@chat101.ai

Data Protection Officer:
Email: dpo@appuix.xyz

HIPAA/Compliance:
Email: compliance@appuix.xyz

Legal Department:
Email: legal@appuix.xyz

We aim to respond to all inquiries within 30 days.