Privacy Policy

1. Who we are (Controller)

This Privacy Policy explains how we process personal data when you visit the ChatLine website and when you contact us or sign up for our pilot program.

2. What data we collect

• Website usage & technical data: IP address, timestamps, pages visited, referrer, device/browser information, and similar log data that is required to deliver the website and keep it secure.
• Contact and signup data: information you submit via forms, such as email address (newsletter/early access), and for pilot signups your studio name, your name, and email or phone number.
• Communications: if you contact us, we process the content of your message and our replies.

3. Why we process data (purposes & legal bases)

We process personal data for the following purposes:

• Provide and operate the website (Art. 6(1)(f) GDPR — legitimate interests in running a secure, reliable website).
• Respond to inquiries and handle pilot signups (Art. 6(1)(b) GDPR — steps prior to entering a contract; and/or Art. 6(1)(f) GDPR — legitimate interests in communicating with prospective customers).
• Analytics and product improvement (Art. 6(1)(f) GDPR — legitimate interests in understanding website usage and improving our content).
• Security and abuse prevention (Art. 6(1)(f) GDPR).
• Legal obligations where applicable (Art. 6(1)(c) GDPR).

4. Who we share data with (processors)

We do not sell personal data. We share data only where needed to operate the website and handle signups:

• Hosting and infrastructure: our website is hosted on infrastructure providers that process technical data necessary to deliver the site.
• Slack (lead notifications): when you submit forms on this site, the submitted details are forwarded to our Slack workspace so our team can follow up.
• Simple Analytics (website analytics): we use Simple Analytics to understand website traffic and improve content.
• Third-party services you choose to interact with: links and embedded resources (e.g. WhatsApp links, QR code generation, external image/CDN hosts) may receive your IP address and browser details when your device requests those resources.

5. International transfers

Some of the providers we use may process data outside the European Economic Area. Where required, we use appropriate safeguards (such as EU Standard Contractual Clauses) to protect personal data.

6. Retention

We retain personal data only for as long as necessary for the purposes described above, or as required by law. We then delete or anonymize it.

7. Your rights

Under the GDPR (and other applicable laws), you may have the right to:

• Access your personal data and receive a copy.
• Rectify inaccurate or incomplete data.
• Request deletion of your data (subject to legal requirements).
• Restrict processing in certain cases.
• Object to processing based on legitimate interests.
• Data portability where applicable.
• Withdraw consent where processing is based on consent (without affecting prior processing).

You also have the right to lodge a complaint with a supervisory authority (in particular in the EU member state of your habitual residence, place of work, or the place of the alleged infringement).

8. Cookies and similar technologies

We and our providers may use cookies or similar technologies to operate the website and measure usage. You can control cookies through your browser settings. Some features may not work properly if you disable certain cookies.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date above.