Legal & Compliance for Businesses

Businesses using Chatwize can choose not to store personal data. In that case, the chatbot is intended solely for informational purposes. At the beginning of each chat conversation, a disclaimer is shown instructing users not to enter personal data.

We also recommend mentioning in the disclaimer that the user is communicating with an AI chatbot and not a human employee. This makes it immediately clear to the visitor and provides their explicit consent before the conversation begins.

If a business does want to process personal data, it is important to activate the disclaimer function and refer to the privacy policy and terms and conditions. Users must first agree to these terms before they can chat. This can optionally also be included in the cookie notice on your website.

Additionally, we advise updating your privacy policy and terms and conditions with a brief section on the use of an AI chatbot. This ensures full transparency and complies with current legislation in a user-friendly manner.

At Chatwize, we enable businesses to proactively control and manage their data. Although conversations may be stored for internal purposes such as analysis, customer support, or service improvements for a limited time, Chatwize provides the ability for businesses to manually manage and delete this data at any time. This allows organizations to effectively align their own data storage policies with privacy regulations and internal security standards.

Users have full control over their data and can permanently delete conversations at any time. Once deleted, the data is completely erased from our system and cannot be recovered. Businesses using Chatwize can manage stored conversations via the platform and manually delete data if necessary. This ensures that customer data is handled safely and can be permanently deleted upon request, to maintain compliance with privacy legislation and data protection standards.

Businesses using Chatwize are responsible for ensuring the correct management of data and compliance with the GDPR (General Data Protection Regulation). We offer tools that allow businesses to manage their privacy settings, data retention, and security configurations. For transparency, Chatwize provides a Data Processing Addendum (DPA) that explains in detail how data is processed, stored, and protected. Businesses can consult this legal documentation to ensure they meet regulatory standards and understand and comply with their data protection obligations.

Chatwize operates on an ISO 27001-certified infrastructure, guaranteeing that all data is securely processed and stored in accordance with industry security standards.

Our AI chatbot is hosted on AWS cloud servers. AWS is ISO 27001-certified, meaning they meet international standards for data security. We leverage this certified infrastructure to provide robust encryption, continuous monitoring, and high-quality security measures, helping to prevent data breaches and secure the integrity of your data.

All data processed by Chatwize is securely stored on ISO 27001-certified AWS servers in Oregon, United States. This certification guarantees that we meet the highest international standards for data security. Our strict security protocols and measures ensure the confidentiality and integrity of the data, ensuring it is only used within our secure platform and not shared with external parties.

Chatwize utilizes OpenAI technology, but we have configured our OpenAI account so that processed data is NOT used to train or improve AI models. This means customer data is not stored by OpenAI and is never used to improve AI models.

For businesses that choose to connect their own OpenAI account, it is important to enable the data privacy setting in OpenAI to prevent data from being used for AI training. This is a simple process that can easily be configured in the OpenAI dashboard. Chatwize provides full support and guidance to help businesses set this up correctly. For customers utilizing their own OpenAI API key, OpenAI offers a specific DPA, available on OpenAI's DPA page.