GDPR

This page summarizes how AnyChat supports compliance with the General Data Protection Regulation (GDPR) for customers using our Services.

1. Roles Under GDPR

Customers are generally data controllers for personal data they collect and manage through the Services. AnyChat generally acts as a data processor on customer instructions.

2. Lawful Bases and Customer Responsibility

Customers are responsible for identifying and documenting lawful bases for processing and for providing privacy notices to their end users where required.

3. Data Subject Rights

AnyChat provides tools and operational support to help customers respond to verified requests regarding:

• Access
• Rectification
• Erasure
• Restriction
• Portability
• Objection

4. Security Measures

We maintain technical and organizational measures designed to protect personal data, including access controls, monitoring, and secure infrastructure practices appropriate to risk.

5. International Data Transfers

For cross-border transfers, AnyChat implements suitable safeguards in line with GDPR requirements, including contractual transfer mechanisms where applicable.

6. Sub-processors

We may use trusted sub-processors for infrastructure and service operations and require them to protect personal data in accordance with applicable data protection obligations.

7. Data Retention and Deletion

Personal data is retained according to contractual commitments, service configuration, and legal obligations. Customers can request deletion as described in our agreements and policies.

8. Agreements and Contact

If you need a signed DPA, transfer mechanism documentation, or additional privacy information, contact support@anychat.one.