Privacy Policy for Fali

Effective Date: 27th February 2025

Fali utilizes leading-edge language learning models (LLMs) to provide responsive and accurate answers to your inquiries. This document outlines our commitment to your privacy and details the measures we take to protect the personal information you share with us while interacting with our service.

Information Collection

Personal Data Collection: We collect personal data that includes your email address, which facilitates communication and personalization of our service. Additionally, we log the queries you submit and the corresponding responses provided by the ChatBot to refine and enhance the accuracy of our tool.

Interaction Logs: Every interaction with our ChatBot, including the timestamp of each session, is meticulously logged to help improve response relevance and timeliness.

Comments and Feedback: We actively collect user feedback submitted through our platform. This input is invaluable as it helps us to continually refine our offerings and address user needs more effectively.

Image Uploads: We collect and securely store images that you upload during interactions with Fali. These images help us better understand your inquiries and provide more accurate assistance.

Use of Information

Service Improvement: The primary use of collected data is to enhance the functionality and effectiveness of the ChatBot. By analyzing questions and responses, we are able to continually train our model to better serve your needs.

Communication: We may use your email address to contact you with updates about our service, respond to inquiries, or provide assistance with any issues related to Fali.

Data Retention and Deletion

Data Categories and Retention: We maintain the following categories of data:

• Chat History: This includes your conversation logs with the ChatBot. You can delete your chat history at any time through the Settings page for specific timeframes (last hour, day, week, month, or all). Deleting chat history does not affect our Questions and Answers database.
• Questions and Answers Database: We maintain a database of questions and corresponding answers to improve our service. This data is kept for a minimum of 1 month and is subject to your data retention preferences set in your account settings.
• Uploaded Images: All images uploaded during your interactions with the ChatBot are securely stored and automatically deleted after 30 days. This applies regardless of your other data retention settings.

Retention Periods: By default, we retain your data for 1 month. Through your account settings under "Data Retention," you can choose to extend this period to 3 months, 6 months, 1 year, or forever. When this retention period expires, personal data is anonymized in our knowledge base while preserving the value of Q&A pairs for service improvement. Note that uploaded images are always deleted after 30 days regardless of these settings.

Complete Data Deletion: If you wish to request complete deletion of all your data, including anonymized Q&A pairs and any uploaded images, please email support@yourcompany.com with your account email address. We will process your request within 30 days as required by applicable regulations.

Account Deletion: When you choose to delete your account through the Settings page, we:

• Delete all your chat history
• Anonymize your questions and answers in our database by replacing personal identifiers with randomized tokens
• Remove all privacy settings and associated personal information
• Delete your user account from our authentication system
• Your uploaded images will continue to be stored securely and will be automatically deleted after the standard 30-day retention period

Data Sharing and Third-Party Disclosure

No Third-Party Sharing: We steadfastly refuse to sell or share your personal data with third-party marketers.

OpenAI Partnership: Inputs and outputs related to the ChatBot are temporarily stored by OpenAI for a period of 30 days as part of our ongoing efforts to enhance the service, as detailed here.

Compliance and Legal Disclosures: While we do not share your personal information with third parties, we may disclose information if legally required to do so or if necessary to protect our rights or the rights of others.

Legal Basis for Processing (GDPR)

We process your personal data on the following legal grounds:

• Contract: Processing is necessary for the performance of our contract to provide you with the ChatBot service.
• Legitimate Interests: We process certain data based on our legitimate interests in improving our service, ensuring its security, and addressing user needs. This includes the retention of anonymized Q&A pairs.
• Consent: Where required by law, we process data based on your consent, which you can withdraw at any time.
• Legal Obligation: We may process your data to comply with legal obligations applicable to us.

User Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data:

• Right to Access: You can access your personal data through the Settings page or by contacting us.
• Right to Rectification: You can correct inaccurate personal data.
• Right to Erasure: You can delete your data as described in our Data Retention and Deletion section.
• Right to Restrict Processing: You can request restriction of processing of your personal data.
• Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to processing based on legitimate interests.
• Rights Related to Automated Decision Making: You have rights related to automated decision-making, including profiling.

To exercise these rights, please email support@yourcompany.com or use the relevant features in your account settings.

Data Security

Protective Measures: We employ robust technical, administrative, and organizational controls to safeguard your personal data against unauthorized access, loss, or modification. Measures include encryption, access control procedures, and secure software development practices.

Image Storage Security: All uploaded images are stored using industry-standard encryption and secure storage methods to ensure your data remains protected during the retention period.

Data Breach Notification: In the event of a data breach that may affect your personal information, we will notify you and relevant authorities as required by applicable law without undue delay.

International Data Transfers

Cross-Border Data Transfers: Information that we collect may be stored and processed in and transferred between any of the countries in which we operate to enable us to use the information in accordance with this policy. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

Cookies and Similar Technologies

Use of Cookies: We use cookies and similar technologies to provide, customize, and improve our services. You can control cookies through your browser settings. For more information, please see our Cookie Policy.

Children's Privacy

Our service is not directed at individuals under the age of 16. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information.

Artificial Intelligence Disclosure

Fali uses artificial intelligence (AI) and large language models (LLMs) to generate responses to your inquiries. All responses provided by this service are AI-generated and may contain inaccuracies. You should verify any information before relying on it.

In accordance with Article 50(1) of the EU AI Act (Regulation 2024/1689), we inform you that when you interact with Fali, you are interacting with an AI system. This service is classified as a limited-risk AI system under the EU AI Act, and this disclosure is provided to ensure transparency about the nature of the system you are using.

AI-generated content is marked with machine-readable headers (X-AI-Generated) in API responses to support downstream transparency obligations.

Changes to This Privacy Policy

Updates and Modifications: We may update this policy periodically to reflect changes in our practices or relevant regulations. We will notify you of significant changes by posting the new privacy policy on our website and, where appropriate, via email.

Contact Information and Complaints

For any questions or concerns regarding our privacy practices, please contact us at support@yourcompany.com or via our designated support channels.

If you are located in the EEA and believe that we have not adequately addressed your data privacy concerns, you have the right to lodge a complaint with your local supervisory authority.