Last updated: January 31, 2025
Effective Date: February 1, 2025
Data Protection at a Glance
What We Collect
- Account information (email, name)
- AI conversation data
- Usage analytics (anonymized)
How We Protect It
- End-to-end encryption
- Zero-knowledge architecture
- Swiss data residency
Data We Collect
Account Information
- Personal Details: Name, email address, and profile information you provide
- Billing Information: Payment details processed securely through Stripe (we don't store payment data)
- Preferences: Account settings, language preferences, and subscription details
Conversation Data
- AI Conversations: Messages you send to AI models and their responses
- Uploaded Files: Documents, images, or other files you share with AI models
- Chat History: Your conversation history with timestamps and model selection
Technical Data
- Usage Analytics: Feature usage, session duration, and interaction patterns (anonymized)
- Device Information: Browser type, operating system, IP address (anonymized)
- Error Logs: Technical errors and performance data to improve our service
How We Use Your Data
Service Provision
- Deliver AI collaboration services
- Maintain chat history and preferences
- Process payments and subscriptions
Service Improvement
- Analyze usage patterns (anonymized)
- Improve AI collaboration algorithms
- Enhance security and performance
AI Training & Model Improvement
Important: We Do NOT Use Your Data for AI Training
Unlike some AI platforms, MultipleChat does not use your conversations, uploads, or personal data to train AI models. Your data remains private and is used solely to provide our services to you.
Third-Party AI Providers: When you use our service, your queries are sent to third-party AI providers (OpenAI, Anthropic, Google, xAI) through their official APIs. Each provider has their own data handling practices:
- OpenAI (ChatGPT): Does not use API data for training when using their commercial API
- Anthropic (Claude): Does not use API conversations for training their models
- Google (Gemini): Commercial API usage is not used for model training
- xAI (Grok): Follows enterprise-grade data handling practices
Data Sharing & Third Parties
We Never Sell Your Data
MultipleChat will never sell, rent, or lease your personal information to third parties for marketing or commercial purposes.
Limited Data Sharing
We only share data in these specific circumstances:
- AI Service Providers: Your queries are sent to AI providers to deliver our service (with enterprise data protection agreements)
- Payment Processing: Stripe processes payments securely (we don't see your payment details)
- Legal Requirements: When required by law, court order, or to protect our legal rights
- Business Transfers: In case of merger or acquisition (with continued data protection commitments)
Security Measures
Technical Security
- AES-256 encryption at rest
- TLS 1.3 encryption in transit
- Zero-knowledge architecture
- Regular security audits
Operational Security
- Multi-factor authentication
- Employee background checks
- Principle of least privilege
- 24/7 security monitoring
Your Rights
Under GDPR, CCPA, and other privacy laws, you have the following rights regarding your personal data:
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete information
Right to Erasure
Request deletion of your personal data
Right to Portability
Export your data in a machine-readable format
Right to Restriction
Limit how we process your data
Right to Object
Object to certain types of data processing
How to Exercise Your Rights: Contact us at [email protected] or use the data controls in your account settings. We'll respond within 30 days.
Data Retention
Retention Periods
Chat History
Retained while your account is active. You can delete conversations anytime.
Account Information
Retained while your account is active, then 30 days after account deletion.
Analytics Data
Anonymized usage data retained for up to 2 years for service improvement.
Billing Records
Retained for 7 years for legal and tax compliance requirements.
International Data Transfers
Swiss Data Residency
MultipleChat is based in Switzerland and primarily processes data within Switzerland and the EU. Switzerland is recognized by the EU as providing adequate data protection.
When We Transfer Data:
- AI Service Providers: Some AI providers (OpenAI, Google, xAI) are US-based. We use Standard Contractual Clauses (SCCs) and ensure they have adequate safeguards.
- Cloud Infrastructure: Our EU-based cloud infrastructure ensures data remains within jurisdictions with adequate protection.
Regulatory Compliance
GDPR
Full compliance with EU General Data Protection Regulation
SOC 2 Type II
Independently audited security and availability controls
ISO 27001
Information security management system alignment
Additional Compliance
- CCPA (California Consumer Privacy Act)
- Swiss Federal Data Protection Act
- UK Data Protection Act 2018
- Canada PIPEDA compliance
Contact Our Privacy Team
Have questions about data protection, want to exercise your rights, or need to report a privacy concern? Our dedicated privacy team is here to help.
Privacy Inquiries
[email protected]Data Protection Officer
[email protected]Postal Address
MultipleChat AI
Untere Wiltisgasse 5
CH-8700 Küsnacht
Switzerland
CHE-232.104.780