Confidant.love
GDPR Compliant

Privacy Policy

Last updated: December 18, 2024

Important: This Privacy Policy explains how Confidant (operated by KMN SOLUTIONS d.o.o.) collects, uses, and protects your personal information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Information We Collect

1.1 Personal Information

We collect the following personal information when you use our service:

  • Account Information: Username, email address, and password (encrypted)
  • Profile Information: Any additional information you provide in your profile
  • Chat Data: Messages you send and AI responses you receive
  • Session Information: Chat session IDs and timestamps
  • Technical Data: IP address, browser type, device information, and usage analytics

1.2 Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide our chat service and maintain your account
  • Legitimate Interest: To improve our service, ensure security, and prevent fraud
  • Consent: For optional features and marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws and regulations

2. How We Use Your Information

We use your personal information for the following purposes:

  • Providing and maintaining our chat service
  • Processing your chat messages and generating AI responses
  • Managing your account and authentication
  • Improving our service and user experience
  • Ensuring security and preventing fraud
  • Complying with legal obligations
  • Communicating with you about service updates and important notices

3. Data Sharing and Third Parties

We do not share your personal data with any third parties. Your data remains private and is only used to provide our service to you.

No Data Sharing

We do not sell, trade, rent, or share your personal information with any third parties. We do not use third-party analytics services, tracking services, or any other services that would collect or process your personal data.

No Third-Party Tracking

We do not use Google Analytics, Facebook Pixel, or any other analytics or tracking services. We do not track user behavior or collect metrics through third-party services.

Limited Exceptions

The only circumstances where we may share information are:

  • Legal Requirements: When required by law, court order, or government request
  • Protection of Rights: To protect our rights, property, or safety, or that of our users

4. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure data centers and infrastructure
  • Employee training on data protection
  • Incident response procedures

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy:

  • Account Data: Retained while your account is active and for a reasonable period after deactivation
  • Chat Messages: Stored for the duration of your account and may be retained for service improvement purposes
  • Log Data: Typically retained for 12 months for security and debugging purposes
  • Legal Requirements: Some data may be retained longer if required by law

You can request deletion of your data at any time (see Section 7 - Your Rights).

6. International Data Transfers

Your personal information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Other appropriate safeguards as required by GDPR

7. Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access

Request a copy of your personal data and information about how it's processed.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data ("right to be forgotten").

Right to Restriction

Request limitation of processing under certain circumstances.

Right to Portability

Receive your personal data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests.

Right to Withdraw Consent

Withdraw consent where processing is based on consent.

Right to Lodge a Complaint

Complain to your local data protection authority.

To exercise these rights, please contact us using the information provided in Section 9.

8. Cookies and Tracking Technologies

We use only essential cookies necessary for the website to function properly. We do not use any third-party tracking or analytics services.

  • Essential Cookies: Required for basic functionality and security (session management, authentication)
  • Session Cookies: Maintain your login session and chat state
  • No Analytics Cookies: We do not use Google Analytics, Facebook Pixel, or any other analytics or tracking cookies
  • No Third-Party Cookies: We do not allow third parties to set cookies on our website

Important: We do not share your data with any other party, and we are not using any other service to track or collect user metrics.

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect service functionality. For more detailed information, please see our Cookie Policy.

9. Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

KMN SOLUTIONS, svetovanje, razvoj in raziskave, d.o.o.

Email: support@confidant.love

Address: Rovte 113, 1373 Rovte, Slovenia

Tax Number: SI94870438

Registration Number: 7016239000

We will respond to your request within 30 days of receipt.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to registered users
  • Displaying a notice on our service

Your continued use of our service after such changes constitutes acceptance of the updated policy.

11. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us immediately.

Note: This Privacy Policy is effective as of the date listed above. Please review it regularly to stay informed about how we protect your information.