AI Agent and CopilotMost lovedUnified shared inboxLive chat widgetTicketing and SLAKnowledge baseAnalytics that explainTwo-way translationInternal team chatView all features
ChannelsPricingAboutFAQ
Sign inStart free
← All policies

Data Processing Agreement

How Chatonics processes personal data on behalf of its customers.

Last updated: June 29, 2026Version 0.1 (Draft)
Draft - not yet in force. This is version 0.1, pending review by qualified legal counsel. Some details shown in brackets are placeholders to be finalised before launch. It is provided for planning and is not legal advice.

1. Roles

  • The Customer is the controller of personal data processed through the Service.
  • Chatonics ([Legal Entity]) is the processor, acting on the Customer's documented instructions.
  • This Agreement supplements the Terms of Service.

2. Scope and purpose

ItemDetail
Subject matterProcessing of personal data to provide the Service
DurationFor the term of the Customer's use of the Service
Nature and purposeHosting, messaging, AI assistance, ticketing, analytics
Data subjectsCustomer's staff and the Customer's end customers / contacts
Data categoriesContact details, message content, usage data (see Annex A)

3. Processor obligations

  • Process personal data only on the Customer's documented instructions.
  • Ensure persons authorized to process data are bound by confidentiality.
  • Implement appropriate technical and organizational security measures.
  • Assist the Customer with data-subject requests and compliance obligations.
  • Make available information needed to demonstrate compliance.

4. Security measures

  • Encryption of sensitive credentials, access controls, and tenant isolation.
  • Logging, monitoring, and least-privilege access.
  • Further detail is provided in the Security Whitepaper (Annex B reference).

5. Subprocessors

  • The Customer authorizes the use of subprocessors listed in Annex C (for example hosting, email, AI processing).
  • Subprocessors are bound by data-protection obligations no less protective than this Agreement.
  • We will inform the Customer of intended changes and provide an opportunity to object.

6. Data subject rights and breaches

  • We will assist the Customer in responding to data-subject requests.
  • We will notify the Customer without undue delay after becoming aware of a personal-data breach.

7. International transfers

Where personal data is transferred across borders, appropriate safeguards (for example standard contractual clauses) will be used as required by applicable law. [Confirm mechanism with counsel.]

8. Return and deletion

On termination, we will delete or return personal data at the Customer's choice, except where retention is required by law. See the Data Retention Policy.

9. Audits

We will make available information reasonably necessary to demonstrate compliance and allow for audits subject to reasonable notice and confidentiality. [Define scope with counsel.]

10. Annexes

  • Annex A - Data details: categories of data and data subjects. [To complete.]
  • Annex B - Security measures: reference the Security Whitepaper. [To finalize.]
  • Annex C - Subprocessors: current list maintained at [subprocessor list URL]. [To complete.]