Laravel Cloud
Cloud hosting and infrastructure (Primary)
Country: Germany
Data Types: all application data, chat messages, user data
View DPAThis Data Processing Agreement sets out how chatebot processes personal data when acting as a processor for customer data. For enterprise DPA requests, contact [email protected].
Name: CHATEBOT (SMC-Private) Limited
Country: Pakistan
Primary Region: EU Central (Frankfurt) (eu-central-1)
chatebot uses EU primary hosting. Some subprocessors may process personal data outside the EU/EEA, including in the United States, where required to provide AI features, embeddings, moderation, channels, and actions. AI processors may vary based on selected model, platform key routing, BYOK configuration, and custom model IDs.
For restricted transfers, chatebot applies transfer safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, and equivalent legal mechanisms where applicable.
The following third-party subprocessors process personal data on our behalf:
Cloud hosting and infrastructure (Primary)
Country: Germany
Data Types: all application data, chat messages, user data
View DPAProduct analytics and feature flag evaluation (events sent only when analytics consent is granted)
Country: European Union
Data Types: pseudonymous product analytics events, feature flag context
View DPAView SubprocessorsTransactional email delivery
Country: Ireland
Data Types: recipient email address, delivery metadata, email content
View DPAView SubprocessorsAI/LLM processing for chat responses where OpenAI models or compatible routes are used
Country: United States
Data Types: chat messages, knowledge base content
View DPAAI model and embedding processing for configured Vertex AI routes
Country: European Union / United States
Data Types: chat messages, knowledge base content, embeddings
View DPAView SubprocessorsAI model and moderation processing for configured Bedrock routes
Country: United States
Data Types: chat messages, knowledge base content, moderation payloads
View DPAView SubprocessorsPayment processing and subscription management
Country: Finland
Data Types: billing information, email address
View DPAchatebot implements technical and organizational measures designed to protect personal data and requires confidentiality obligations for personnel and subprocessors with access to personal data.
chatebot will provide reasonable assistance to help customers respond to data subject requests, taking into account the nature of processing and the information available to chatebot.
Upon termination of applicable services and subject to legal retention obligations, chatebot will delete or anonymize personal data processed under this DPA according to documented retention schedules.
Name: Data Protection Officer
Email: [email protected]
Under GDPR and applicable data protection laws, data subjects have the right to access, rectify, erase, port, and object to processing of their personal data. Contact [email protected] to exercise these rights.