ElixirAgent Data Processing Consent

1.1 This policy describes how the ElixirAgent service operator processes personal data when a user visits the website, registers, pays for a plan, uses the dashboard, connects messengers, uploads knowledge base materials, or contacts support.

1.2 The operator processes personal data lawfully, fairly, and only to the extent required for the stated purposes, service operation, security, accounting, support, and legal compliance.

1.3 If the user uploads third-party personal data to chats, integrations, prompts, files, or the knowledge base, the user is responsible for having a lawful basis to provide such data to the service.

2.1 The operator may process account data: name, email, company name, password hash, role, plan, payment status, account settings, consent records, and service activity logs.

2.2 The operator may process technical data: IP address, user agent, cookies, device and browser parameters, session identifiers, security events, request logs, and integration diagnostic data.

2.3 The operator may process content provided by the user: knowledge base entries, company descriptions, service terms, price information, connected chat messages, attachments, AI prompts, generated answers, and operator notes.

3.1 The service uses strictly necessary cookies and localStorage records to authenticate the user, keep the session active, protect the account, remember technical interface state, and support dashboard operation.

3.2 These technical cookies include access and refresh token cookies, session and security identifiers, and browser-side values needed to select the workspace or restore interface context. They are not used for advertising, retargeting, or sale of data.

3.3 By registering and checking the personal data checkbox, the user consents to the use of such technical cookies and localStorage as part of the personal data processing described in this document. If optional analytics, advertising, or tracking cookies are introduced, the operator will request separate consent where required by law.

4.1 Data is processed to create and maintain accounts, provide the dashboard, AI tools, connected chats, integrations, billing, support, notifications, and security controls.

4.2 Data is processed to improve reliability, prevent abuse, investigate incidents, fulfill payment and accounting obligations, prove consent, and comply with lawful requests from competent authorities.

4.3 AI-related data is processed to generate answers from the user's knowledge base, test replies, route conversations to operators, and keep the service working as requested by the user.

5.1 The operator may collect, record, systematize, accumulate, store, clarify, retrieve, use, transfer, block, delete, destroy, and otherwise process data to the extent permitted by applicable law.

5.2 Processing may be automated and non-automated. The service may use software tools, databases, hosting infrastructure, payment providers, email services, messenger APIs, and AI providers.

5.3 The operator does not intentionally request special categories of personal data. Users must not upload such data unless they have a lawful basis and the service context requires it.

6.1 Data may be transferred to processors and service providers only where necessary for hosting, infrastructure, analytics, payments, email delivery, messenger integrations, AI processing, support, security, or legal compliance.

6.2 Data is stored for the period required to provide the service, fulfill legal obligations, protect rights, resolve disputes, maintain accounting records, and confirm consents.

6.3 When the legal basis or processing purpose expires, data is deleted, anonymized, or blocked unless mandatory law requires further storage.

7.1 The user may request information about processing, ask to update inaccurate data, withdraw consent where consent is the legal basis, request restriction or deletion where permitted, and contact the operator on personal data matters.

7.2 Withdrawal of consent may limit or terminate access to functions that cannot be provided without processing the relevant data.

7.3 Requests are reviewed within the period required by applicable law. The operator may ask for information needed to identify the requester and prevent unauthorized access to data.

8.1 By registering and checking the personal data checkbox, the user freely, knowingly, and specifically consents to the processing of personal data described in this document, including the use of strictly necessary technical cookies and localStorage.

8.2 The consent covers registration, billing, dashboard use, support requests, messenger connection, knowledge base setup, AI testing, and communication through connected channels.

8.3 The consent remains valid until the purposes of processing are achieved, the account is deleted, mandatory retention periods expire, or the user withdraws the consent.

9.1 The operator applies organizational and technical measures intended to protect data from unauthorized access, loss, modification, disclosure, and other unlawful processing.

9.2 The policy may be updated when the service, legal requirements, infrastructure, integrations, or processing purposes change. The current version is published on this page.