Privacy Policy for Tolki AI

Effective Date: 10 October 2024

Introduction

Tolki AI Limited ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and manage your information when you use Tolki AI, a chatbot for product discovery, which can be integrated into websites, Shopify, Telegram, WhatsApp, and other platforms.

We operate in compliance with the General Data Protection Regulation (GDPR) and other applicable laws. By using Tolki AI, you acknowledge that you have read and understood this Privacy Policy.

Who We Are

Company Name: Tolki AI Limited
Incorporation: Republic of Ireland
Address: DogPatch Labs, The CHQ Building, Custom House Quay, Dublin 1, D01 Y6H7, Ireland Contact Email: info@tolki.ai

Information We Collect

We collect the following types of information:

1. Merchant Data

  • Store Information: Name, domain, and product catalog necessary to operate our chatbot.
  • Contact Information: Merchant-provided email addresses and other details for communication.
  • Usage Data: Aggregated analytics to improve our marketing strategies and business decisions.

2. End-User Data

  • Interaction Data: Information shared during chatbot interactions, such as questions, preferences, and product interests.
  • Lead Information: Emails and product preferences provided by end users, when applicable.

3. Technical Information

  • Device and browser information (e.g., IP address, operating system, browser type).
  • Log files and operational data necessary for running and debugging the app.

4. Cookies

We use cookies only for the operation of Tolki AI and not for tracking individual users. Cookies ensure the functionality of the chatbot on integrated platforms.

How We Use Your Data

We use your data for the following purposes:

  1. Providing and Improving Our Services
    • To enable the chatbot's functionality, such as product recommendations and lead generation.
    • To analyze usage patterns and generate analytics for merchants.
  2. Business and Marketing Insights
    • To make data-driven decisions for improving our marketing strategies.
    • To offer aggregated, non-identifiable analytics to our customers.
  3. Communication
    • To resolve issues and provide customer support.
  4. Legal and Compliance
    • To comply with Irish and EU legal requirements, including GDPR.

We process personal data based on the following legal grounds:

  1. Contractual Necessity: To provide our services as agreed with merchants and end users.
  2. Legitimate Interests: For analytics, service improvement, and security purposes.
  3. Consent: When requesting end-user email addresses or preferences during chatbot interactions.
  4. Legal Obligation: To comply with applicable laws and regulations.

Data Sharing and Transfers

We do not sell or rent personal data. However, we may share data in the following situations:

  1. Service Providers: Third-party providers such as AWS, Microsoft Azure, and OpenAI, which operate European-based servers.
  2. Legal Requirements: To comply with legal obligations or protect our rights.

We ensure all third-party providers comply with GDPR and use appropriate safeguards, such as Standard Contractual Clauses (SCCs), for international data transfers.

Data Retention

We retain data only as long as necessary for its intended purpose:

  1. Merchant Data: Retained for the duration of the Shopify or platform integration and up to 12 months after uninstallation.
  2. End-User Data: Deleted or anonymized when it is no longer necessary for providing services or when requested by the user.

Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

  1. Access: Request a copy of your personal data.
  2. Correction: Correct inaccurate or incomplete data.
  3. Deletion: Request the deletion of your data (“right to be forgotten”).
  4. Restriction: Limit the processing of your personal data.
  5. Data Portability: Receive your data in a structured, machine-readable format.
  6. Objection: Object to data processing for specific purposes.
  7. Withdrawal of Consent: Withdraw your consent where applicable.

To exercise your rights, contact us at info@tolki.ai.

Data Security

We take the protection of your personal data seriously and implement robust security measures:

  • Regular internal security audits.
  • Data encryption and secure access controls.
  • Compliance with industry-standard practices for safeguarding data.

Cookies and Tracking Technologies

Tolki AI uses cookies strictly to operate our chatbot functionality and not for tracking individual users. No behavioral tracking or profiling is conducted.

When using Tolki AI, the chatbot includes a link redirecting users to this Privacy Policy for transparency.

Complaints and Contact

If you have any concerns or complaints about our data practices, please contact us at:

  • Email: info@tolki.ai
  • Address: DogPatch Labs, The CHQ Building, Custom House Quay, Dublin 1, D01 Y6H7, Ireland

You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements or our practices. Any updates will be posted here, and the effective date will be updated accordingly.

Thank you for trusting Tolki AI with your data