Privacy Policy

1. Who We Are

Algorithma Technologies AB is a Swedish company that provides AI-powered chatbot services. We act as a data processor when processing personal data on behalf of our customers (the businesses that use our chatbot service). For personal data collected directly through our website (such as when you sign up for our service), we act as the data controller.

Contact information: Algorithma Technologies AB Org.nr: 559420-5709 Address: Packhusgatan 6, 411 13 Göteborg, Sweden Email: hej@algorithma.ai

2. Data We Collect

We collect different types of data depending on how you interact with us:

Website Visitors: - Technical data: IP address, browser type, device information - Usage data: Pages visited, time spent on site, referral source - Account data: Email address, name (when you sign up) - Payment data: Processed securely by Stripe (we do not store card details)

End Users of Chatbots: When you interact with a chatbot powered by hej.chat on a customer's website: - Messages and content you submit to the chatbot - Technical identifiers (session ID, IP address) - Metadata (timestamps, browser information)

Note: The business operating the chatbot is the data controller for your interactions. Please refer to their privacy policy for details on how they handle your data.

3. Purpose of Processing

We process personal data for the following purposes:

• Providing and operating the hej.chat service
• Responding to chatbot queries using AI-powered responses
• Account management and customer support
• Processing payments and managing subscriptions
• Improving our service and developing new features
• Ensuring security and preventing fraud
• Complying with legal obligations
• Sending service-related communications

4. Legal Basis for Processing

We process personal data based on the following legal grounds under the GDPR:

• Contract: Processing necessary to provide our services to you (Article 6(1)(b))
• Legitimate interests: Improving our services, ensuring security, and marketing our services to existing customers (Article 6(1)(f))
• Legal obligation: Compliance with applicable laws, such as tax and accounting requirements (Article 6(1)(c))
• Consent: Where you have given specific consent, such as for marketing communications (Article 6(1)(a))

5. Data Sharing and Sub-processors

We share personal data with trusted third-party service providers (sub-processors) who help us operate our service, including cloud hosting, AI model providers, payment processing, email delivery, and analytics.

All sub-processors are bound by data processing agreements and are required to protect your data in accordance with applicable data protection laws.

For a complete and up-to-date list of our sub-processors, please visit our Sub-processors page.

6. International Data Transfers

Some of our sub-processors are located outside the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including:

• EU-US Data Privacy Framework (for certified US companies)
• Standard Contractual Clauses (EU SCCs)
• UK International Data Transfer Addendum (for UK transfers)

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Account data: Retained while your account is active and for up to 30 days after deletion
• Chat messages: Retained according to customer configuration, typically deleted within 30 days of account termination
• Technical logs: Retained for up to 90 days for security and troubleshooting purposes
• Payment records: Retained as required by tax and accounting laws (typically 7 years)
• Backup data: Deleted according to our standard backup retention cycles

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data ("right to be forgotten")
• Right to restriction: Request limitation of processing
• Right to data portability: Receive your data in a machine-readable format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, please contact us at hej@algorithma.ai. We will respond within 30 days.

If you interact with a chatbot on a customer's website, please contact that business directly to exercise your rights regarding that data.

9. Cookies and Similar Technologies

We use cookies and similar technologies on our website:

Essential cookies: Required for the website to function properly (authentication, security)

Analytics cookies: Help us understand how visitors use our website. We use Umami (a privacy-focused analytics tool that does not use personal identifiers) and Google Tag Manager with Google Analytics (which may use cookies to collect usage data).

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

10. Security

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Access controls and multi-factor authentication
• Regular security monitoring and incident response procedures
• Employee confidentiality obligations

For more details, see our Data Processing Addendum.

11. Children's Privacy

Our service is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at hej@algorithma.ai.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or by email. The "Last Updated" date at the top of this policy indicates when it was last revised.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Algorithma Technologies AB Org.nr: 559420-5709 Address: Packhusgatan 6, 411 13 Göteborg, Sweden Email: hej@algorithma.ai