Privacy Policy

Last updated: 30 March 2026

Who we are

ChatIFA is a product of ChatIFA Ltd, a web technology business based in Cardiff, Wales. If you have any questions about this policy, you can reach us at hello@chatifa.co.uk.

What data we collect

We collect the following information when you use ChatIFA:

  • Account information - your email address, used for authentication via magic link sign-in.
  • Website content - text from your website pages, which we process and store so the AI can answer visitor questions accurately.
  • Chat conversations - messages exchanged between your website visitors and the ChatIFA widget.
  • Lead details - contact information that visitors voluntarily share during chat conversations (e.g. name, email, phone number).

How we use your data

  • To provide and operate the ChatIFA service, including generating AI responses based on your website content.
  • To send you notifications about new leads and conversations via email.
  • To improve the service and fix issues.

We do not sell your data to third parties. We do not use your data for advertising.

Third-party services

We use the following third-party services to operate ChatIFA:

  • Anthropic (Claude)- powers the AI chat responses. Conversation data is sent to Anthropic’s API to generate replies.
  • OpenAI - used for generating text embeddings of your website content, which help the AI find relevant information.
  • Brevo - used for sending transactional emails such as magic link sign-in emails and lead notification emails.
  • ChromaDB - used for vector storage of website content embeddings.

Each of these services has their own privacy policy. We only share the minimum data necessary for each service to function.

Data storage and security

Your data is stored on servers hosted in the EU/UK. We take reasonable measures to protect your data, including encryption in transit (HTTPS) and secure access controls.

Cookies and local storage

The ChatIFA dashboard uses standard session cookies for authentication. The chat widget on your website does not use cookies - it uses localStorage to maintain the conversation session, so visitors are not tracked across websites.

Your rights

Under UK GDPR, you have the right to:

  • Access - request a copy of the personal data we hold about you.
  • Rectification - ask us to correct any inaccurate data.
  • Deletion - ask us to delete your personal data.
  • Portability - request your data in a portable format.
  • Objection - object to our processing of your data.

To exercise any of these rights, email us at hello@chatifa.co.uk. We aim to respond within 30 days.

Changes to this policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you by email. Your continued use of ChatIFA after changes are posted constitutes acceptance of the updated policy.

Contact

If you have any questions about this privacy policy or how we handle your data, please contact us at hello@chatifa.co.uk.