Privacy Policy

CHATIFIX is owned and operated by Md Rezaul Karim, based in Tangail, Bangladesh. We take your privacy and data protection extremely seriously. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform and services.

By using CHATIFIX, you agree to the collection and use of information in accordance with this policy. We are committed to ensuring that your privacy is protected at all times.

Terms of Service Refund Policy

Information We Collect

Account Information

When you register for CHATIFIX, we collect your company name, email address, and password. Your password is hashed using industry-standard bcrypt encryption and is never stored in plain text.

Payment Information

Payment processing is handled by Paddle.com, our merchant of record. We do not store your credit card numbers, bank account details, or other payment credentials on our servers. Paddle processes and stores all payment data securely in compliance with PCI DSS standards. We only receive transaction confirmations, subscription status, and billing identifiers from Paddle.

Business Data

You may upload documents (PDFs, Word files, spreadsheets, etc.) to train your AI assistant. This data is stored securely and is used exclusively to power your AI assistant's responses.

Chat & Conversation Data

Conversations between your customers and your AI assistant are stored to provide conversation history, analytics, and improve response quality. This data belongs to you and is never shared.

Usage Data

We collect basic usage metrics such as API call counts, feature usage, and error logs to improve our service and provide you with analytics in your dashboard.

Third-Party Integrations

If you connect Facebook, WhatsApp, or other platforms, we store the necessary access tokens and configuration data to operate your integrations. We only access and use data that is required for the features you enable.

How We Use Your Data

We use your information solely for the following purposes:

Providing AI Services: Your uploaded documents and business data are used to train and power your personalized AI assistant.
Account Management: Your account information is used to authenticate you and manage your subscription.
Payment Processing: Billing and subscription management is handled through Paddle. We use transaction data to activate, upgrade, downgrade, or cancel your plan.
Service Improvement: Aggregated, anonymized usage data helps us improve the platform. We never use your business data to train AI models for other customers.
Customer Support: To assist you with technical issues and account inquiries.
Communication: To send you service-related notifications, updates, and security alerts.

We will NEVER: Sell your data, share your data with third parties for marketing purposes, use your business data to train models for other customers, or access your data without your consent.

Data Security

Your data is 100% secure with CHATIFIX. We implement comprehensive security measures to protect your information:

Complete Data Isolation

Each customer's data is completely isolated at the database level. Your information is never visible to other customers.

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using HTTPS/TLS protocols.

Secure Authentication

API keys are SHA-256 hashed, passwords are bcrypt hashed, and sessions use time-limited JWT tokens.

PCI-Compliant Payments

All payment processing is handled by Paddle, a PCI DSS compliant payment provider. No card data touches our servers.

Data Retention

Your data is stored as long as your account is active.
After account cancellation, data is retained for 30 days, then permanently deleted.
You can request immediate deletion of all your data at any time by contacting [email protected].

On-Premise Deployment

Enterprise customers can deploy CHATIFIX on their own servers, ensuring your data never leaves your infrastructure. Contact [email protected] for details.

Third-Party Services

We use the following third-party services to operate CHATIFIX:

Paddle.com — Payment processing and subscription management (merchant of record). Paddle's privacy policy: paddle.com/legal/privacy
Facebook / Meta — If you enable Facebook integrations, data is exchanged via the Facebook Graph API.
WhatsApp / Meta — If you enable WhatsApp integrations, messages are routed through the WhatsApp Business API.

We only share the minimum data necessary for these services to function. We do not sell or share your data with any other third parties.

Cookies

We use essential cookies to keep you logged in and maintain your session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. Our cookies are strictly functional and necessary for the service to work.

Paddle may set cookies during the checkout process for fraud prevention and payment processing. These are governed by Paddle's cookie policy.

Your Rights

You have the following rights regarding your personal data:

Access: You can request a copy of all personal data we hold about you.
Correction: You can update or correct your account information at any time from your dashboard.
Deletion: You can request deletion of your account and all associated data.
Data Portability: You can export your data (documents, conversations, contacts) at any time.
Withdraw Consent: You can disconnect third-party integrations and withdraw consent at any time.

To exercise any of these rights, contact [email protected].

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via email or a prominent notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

[email protected]

Contact Us