OnlyChatr AI

THEPEAKCOMPANY LTD

Privacy Policy

Effective Date: 26/9/2025

1. Introduction

This Privacy Policy explains how THEPEAKCOMPANY LTD ("we," "us," or "our") collects, uses, and protects your personal data when you use our services. We are committed to safeguarding your privacy in compliance with the UK GDPR, the Data Protection Act 2018, and applicable EU GDPR requirements.

2. Information We Collect

Account Data: Email address, login credentials.

Instagram Data: Access tokens, Instagram IDs, and associated profile information necessary for chatbot functionality.

Payment Data: Processed via Stripe; we do not store credit/debit card details.

Usage Data: Logs, chatbot interactions, and analytics related to service performance.

3. How We Use Your Information

We use your data to:

  • Deliver and maintain the chatbot service.
  • Manage subscriptions and payments.
  • Communicate essential updates, feature changes, and service notices.
  • Monitor usage for security and fraud prevention.
  • Improve and develop our services.

4. Legal Bases for Processing

We process your data under the following legal bases:

  • Contractual necessity (to provide the service).
  • Legal obligations (accounting and compliance).
  • Legitimate interests (improving services, preventing misuse).
  • Consent (where applicable, e.g., optional marketing communications).

5. Sharing Your Data

We share data only with trusted service providers:

  • Stripe (payment processing).
  • Supabase (authentication and database).
  • Render (hosting).
  • OpenAI (AI chatbot responses).
  • Meta/Instagram (social media API integration).

We do not sell or rent personal data to third parties.

6. Data Retention

  • Account and subscription data are retained as long as you maintain an account.
  • Instagram tokens and chatbot logs are retained only as necessary for functionality.
  • Financial records may be retained for up to 6 years as required by law.
  • Upon account closure, we delete or anonymise personal data within a reasonable timeframe, unless retention is legally required.

7. Security

We use encryption, restricted access, and secure hosting providers to protect your information. However, no system is 100% secure, and we cannot guarantee absolute security of transmitted data.

8. International Data Transfers

Your data may be transferred outside the UK/EEA, including to the United States. We use standard contractual clauses and other safeguards to ensure adequate protection of your data.

9. Your Rights

Under UK GDPR and EU GDPR, you have the right to:

  • Access your data.
  • Correct inaccuracies.
  • Request deletion of your data.
  • Restrict or object to processing.
  • Data portability.
  • Lodge complaints with the UK ICO (Information Commissioner's Office).

To exercise these rights, contact us at mc@onlychatr.com.

10. Service Availability Disclaimer

As our service relies on third-party providers, we cannot guarantee permanent data availability or uninterrupted service. Some data may be lost or inaccessible due to external disruptions.

11. Updates to This Policy

We may update this Privacy Policy to reflect changes in law or service practices. We will notify you of material updates via email or in-app notification.

12. Contact

For questions or concerns regarding privacy, contact us at:

📧 mc@onlychatr.com