Privacy Policy
Last Updated: October 2025
At ChatBar AI, privacy is not a checkbox – it is our foundation. We have intentionally built a privacy-first architecture that minimizes data collection, maximizes transparency, and aligns with the world’s most rigorous data protection standards. Even before our clients demand it, we have proactively aligned our practices with the General Data Protection Regulation (GDPR) and Singapore’s Model AI Governance Framework (MAIG).
This Privacy Policy explains how we collect, use, store, and protect your data when you use ChatBar AI. Our commitment is simple: we collect only what we need, we protect what we collect, and we give you full control over your data.
1. Who We Are
ChatBar AI is a Singapore-based AI company with an international team from the UK, Germany, Canada, and Indonesia. We provide conversational AI assistants built on proprietary retrieval-augmented generation (RAG) technology and our patent-pending TASK Protocol.
Our platform is designed to help businesses deploy AI responsibly, securely, and transparently – without the regulatory burden of traditional AI systems that collect personally identifiable information (PII).
Data Controller:
ChatBar AI Pte. Ltd.
📍 Singapore
📧 privacy@chatbar-ai.com
🌐 https://chatbar-ai.com/built-for-trust/
2. Our Privacy-First Architecture
Unlike traditional chatbots that collect and store personal information about individual users, ChatBar AI is intentionally designed to minimize data collection. Our architecture focuses on aggregate insights and trends, not individual tracking.
What This Means for You:
- No PII Collection by Default: ChatBar does not require or store names, email addresses, phone numbers, or other personally identifiable information unless explicitly configured by the client for specific use cases.
- Anonymous Chat Logs: Conversations are logged for quality improvement and trend analysis, but are not linked to individual identities.
- TASK Protocol: Our patent-pending TASK interface allows businesses to gain insights from customer interactions without needing to know who individual users are.
This approach reduces regulatory burden, accelerates deployment, and gives your customers peace of mind.
3. Information We Collect
When you use ChatBar AI, we may collect the following categories of data:
3.1 Client & Business Data
Information provided during onboarding and configuration, such as:
- Contact details for account administrators (name, email, company name)
- Business documents, website content, or knowledge base materials you choose to connect to ChatBar
- Configuration settings and preferences
3.2 Usage Data
Logs of system interactions to improve AI performance and provide insights, including:
- Chat queries and responses (anonymized by default)
- Interaction patterns, trends, and aggregate analytics
- System performance metrics and error logs
3.3 Technical Data
Information collected automatically for security and performance monitoring:
- IP addresses (for fraud prevention and geo-targeting compliance features)
- Device identifiers and browser settings
- Session duration and navigation patterns
3.4 Cookies & Tracking Technologies
We use cookies and similar technologies for:
- Necessary cookies: Essential for site functionality and security
- Analytics cookies: To understand how visitors use our website (opt-in for EU visitors)
- Marketing cookies: To deliver relevant content and measure campaign effectiveness (opt-in for EU visitors)
For more details, see our Cookie Policy.
We do not sell personal data to third parties. Ever.
4. How We Use Data
We process data only for the purposes agreed with our clients and users:
4.1 Service Delivery
- Delivering AI chat functionality and RAG-based insights
- Providing the TASK Protocol interface for trend analysis
- Responding to customer support requests
4.2 Improvement & Innovation
- Improving system performance, accuracy, and explainability
- Training and refining AI models (using anonymized, aggregated data)
- Developing new features and capabilities
4.3 Security & Compliance
- Maintaining security, fraud prevention, and incident response
- Ensuring compliance with legal, regulatory, and contractual obligations
- Conducting audits and maintaining audit logs
4.4 Communication
- Sending service updates, security alerts, and important notices
- Providing customer support and responding to inquiries
- Marketing communications (opt-in only)
5. Legal Basis for Processing (GDPR)
In line with GDPR Article 6, we process personal data based on:
5.1 Consent
Explicit permission provided by you or your organization for specific processing activities (e.g., marketing communications, analytics cookies).
5.2 Contractual Necessity
Processing required to deliver ChatBar AI services under our Terms of Service or client agreements.
5.3 Legitimate Interests
For security, product improvement, and responsible AI practices, provided these interests do not override your fundamental rights and freedoms.
5.4 Legal Obligation
To comply with applicable laws, regulations, and legal processes.
6. Data Protection & Security
We apply Security by Design principles throughout our infrastructure:
6.1 Encryption
- In Transit: TLS 1.2/1.3 encryption for all data transmission
- At Rest: Application-level encryption for sensitive customer data; AES-256 encryption for cloud-hosted data
6.2 Multi-Region Infrastructure
ChatBar AI operates infrastructure across multiple regions to provide optimal performance, data residency options, and redundancy:
- European Union: Infrastructure in Helsinki (Finland), Strasbourg (France), and Frankfurt (Germany) ensures GDPR compliance and data sovereignty for EU clients
- Asia-Pacific: Singapore region for regional performance and compliance with local regulations
- North America: United States infrastructure for low-latency service to North American customers
Renewable Energy: Our EU infrastructure is powered by clean energy sources:
- Helsinki, Finland: Powered by Finland’s clean energy grid (approximately 70% carbon-free from hydroelectric, nuclear, and wind sources)
- Frankfurt, Germany: Google Cloud Platform infrastructure running on 68% carbon-free energy, with a commitment to 24/7 carbon-free energy by 2030
- Strasbourg, France: Access to France’s low-carbon electricity grid (over 90% from nuclear and renewable sources)
For detailed infrastructure information, see our Trust Centre and Sustainability pages.
6.3 Access Control
- Role-based access control (RBAC) based on the principle of least privilege
- Multi-factor authentication (MFA) for administrative access
- Full audit logs of all data access and modifications
6.4 Vendor Oversight
ChatBar AI engages only two subprocessors that process personal data:
- Google Cloud Platform – Customer account information and infrastructure hosting
- Stripe – Payment processing and subscription management
All subprocessors are subject to Data Processing Agreements (DPAs), continuous security reviews, and third-party certification checks (ISO 27001, SOC 2, PCI DSS). Our transparent Subprocessor List is maintained and updated quarterly.
Important distinction: Infrastructure providers that process only anonymous conversation data (with no personal identifiers such as names, emails, or IP addresses) are not subprocessors under GDPR Recital 26, as anonymous data is not personal data.
6.5 Incident Response
- Documented incident response procedures
- 72-hour breach notification commitment (GDPR Article 33)
- Regular security testing and vulnerability assessments
7. Data Sharing & Cross-Border Transfers
7.1 When We Share Data
We only share data with trusted third parties in the following circumstances:
- Service Providers: Cloud hosting (Google Cloud Platform) and payment processing (Stripe) under strict DPAs
- Legal Requirements: When required by law, court order, or regulatory authority
- Business Transfers: In the event of a merger, acquisition, or sale (with advance notice to clients)
- With Your Consent: When you explicitly authorize data sharing
7.2 Cross-Border Transfers
When data is transferred outside the EU/EEA, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs): GDPR-approved data transfer mechanisms (2021 European Commission approved clauses)
- Adequacy Decisions: Transfers to countries recognized by the EU Commission as providing adequate protection
- Client Control: Clients retain control over data residency and can choose EU-only hosting to avoid international transfers entirely
For a complete list of subprocessors and their locations, visit https://chatbar-ai.com/subprocessors/
8. Data Retention
We keep personal and business data only as long as necessary to:
- Deliver services under active client agreements
- Comply with legal obligations (e.g., tax, accounting, regulatory requirements)
- Resolve disputes or enforce agreements
Retention Periods:
- Active Client Data: Retained for the duration of the service agreement
- Chat Logs: Retained for 12 months for quality improvement, then anonymized or deleted
- Account Data: Retained for 90 days after account closure, then permanently deleted
- Legal/Compliance Data: Retained as required by applicable law (typically 7 years)
Clients may request deletion of their data at any time by contacting privacy@chatbar-ai.com.
9. Your Rights Under GDPR
Under the General Data Protection Regulation (GDPR) and Singapore’s Model AI Governance Framework (MAIG), you have the following rights:
9.1 Right to Access (Article 15)
Request a copy of the personal data we hold about you.
9.2 Right to Rectification (Article 16)
Request correction of inaccurate or incomplete data.
9.3 Right to Erasure / “Right to Be Forgotten” (Article 17)
Request deletion of your personal data (subject to legal retention requirements).
9.4 Right to Restrict Processing (Article 18)
Request limitation of how we process your data.
9.5 Right to Data Portability (Article 20)
Request your data in a structured, machine-readable format.
9.6 Right to Object (Article 21)
Object to processing based on legitimate interests or for direct marketing purposes.
9.7 Right to Withdraw Consent (Article 7)
Withdraw consent at any time for processing activities based on consent.
9.8 Right to Lodge a Complaint
File a complaint with your local data protection authority if you believe your rights have been violated.
To exercise any of these rights, contact us at:
privacy@chatbar-ai.com
https://chatbar-ai.com/built-for-trust/
We will respond to all requests within 30 days as required by GDPR Article 12.
10. Compliance by Design
10.1 GDPR Compliance
ChatBar AI is built with GDPR principles at its core:
- Data Minimization: We collect only what we need
- Purpose Limitation: Data is used only for specified, legitimate purposes
- Storage Limitation: Data is retained only as long as necessary
- Integrity & Confidentiality: Strong security measures protect all data
- Accountability: We maintain records of processing activities and conduct regular audits
For detailed GDPR compliance information, visit https://chatbar-ai.com/built-for-trust/.
10.2 Singapore Model AI Governance Framework (MAIG)
We have proactively aligned our AI practices with Singapore’s MAIG framework, championed by the Infocomm Media Development Authority (IMDA):
- Transparency: Clear explanations of how ChatBar AI works and makes decisions
- Explainability: Insights into AI reasoning and recommendations
- Accountability: Documented governance, oversight, and human review processes
- Human-Centric Design: AI that augments human decision-making rather than replacing it
- Fairness & Inclusivity: Ongoing monitoring for bias and discriminatory outcomes
For detailed MAIG alignment information, visit https://chatbar-ai.com/maig.
10.3 Sustainability Commitment
Our infrastructure is powered by renewable energy across multiple regions:
- Helsinki, Finland: Clean energy grid (approximately 70% carbon-free from hydroelectric, nuclear, and wind sources)
- Frankfurt, Germany: Google Cloud Platform infrastructure (68% carbon-free energy, with a commitment to 24/7 carbon-free energy by 2030)
- Strasbourg, France: Low-carbon electricity grid (over 90% from nuclear and renewable sources)
- Singapore: Google Cloud Platform with water efficiency and sustainability initiatives
This supports our clients’ ESG goals and our commitment to sustainable technology.
For detailed sustainability information, visit https://chatbar-ai.com/sustainability.
10.4 Future Certifications
As part of our phased compliance roadmap, we are pursuing:
- SOC 2 Type II certification (in progress)
- ISO 27001 certification (planned)
- Additional industry-specific certifications based on client needs
11. Children’s Privacy
ChatBar AI is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.
When we make changes:
- We will update the “Last Updated” date at the top of this policy
- For material changes, we will notify clients via email and provide a 30-day notice period
- Continued use of ChatBar AI after changes take effect constitutes acceptance of the updated policy
We encourage you to review this policy periodically.
13. Contact Us & Data Protection Officer
If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact:
ChatBar AI Privacy Office
Singapore
privacy@chatbar-ai.com
https://chatbar-ai.com/built-for-trust/
Data Protection Officer (DPO):
dpo@chatbar-ai.com
EU Representative (for GDPR inquiries):
[To be appointed – pending]
The Bottom Line
ChatBar AI is more than a tool – it is a trusted partner. Our team has worked with military and government organizations globally, where security and discretion are non-negotiable. We bring that same discipline to every ChatBar deployment.
We believe that privacy-first AI is better AI – not just for compliance, but for building lasting trust with your customers. By intentionally minimizing data collection, we reduce risk, accelerate deployment, and create a foundation for responsible innovation.
Your data. Your control. Our commitment.
For more information about our compliance story, visit our Trust Center at https://chatbar-ai.com/built-for-trust/.
ChatBar AI Privacy Policy
Effective Date: January 2026