Introduction
Welcome to n8n AI Chat ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, store, and share your personal information. This Privacy Policy explains our practices regarding your personal data when you use our AI-powered chat application available at https://chat.soula.ge (the "Service").
How We Use Your Information
Primary Uses
- Authentication: Verify your identity using Google OAuth
- Service Provision: Deliver the core chat functionality and AI responses
- Personalization: Customize your experience based on your preferences
- Communication: Send you important updates about your account or our Service
- Integration: Facilitate connections between our chat interface and your n8n workflows
Secondary Uses
- Security: Detect and prevent fraud, abuse, and unauthorized access
- Improvement: Analyze usage patterns to enhance our Service
- Support: Provide customer service and technical support
- Legal Compliance: Meet legal obligations and enforce our Terms of Service
How We Store and Protect Your Information
Data Storage
- Database: We use Supabase (PostgreSQL) to store your account information, chat history, and preferences
- Location: Data is stored in secure, enterprise-grade data centers
- Encryption: All data is encrypted in transit and at rest using industry-standard encryption
- Backup: Regular automated backups ensure data availability and integrity
Security Measures
- Access Controls: Strict access controls limit who can view your data
- Authentication: Multi-factor authentication for administrative access
- Monitoring: 24/7 security monitoring and incident response
- Regular Audits: Periodic security assessments and vulnerability testing
Data Retention
- Account Data: Retained while your account is active and for up to 90 days after deletion
- Chat Messages: Stored indefinitely unless you request deletion
- Log Data: Retained for up to 12 months for security and troubleshooting purposes
- OAuth Tokens: Securely stored and refreshed as needed; revoked when you disconnect your Google account
How We Share Your Information
We Do Not Sell Your Data
We never sell, rent, or trade your personal information to third parties for their marketing purposes.
Limited Sharing Scenarios
We may share your information only in these specific circumstances:
Service Providers
- Supabase: Database hosting and management
- Google: OAuth authentication services
- n8n Integration: Data necessary for workflow functionality (only data you explicitly choose to send)
Legal Requirements
- Legal Process: When required by law, subpoena, or court order
- Safety: To protect the rights, property, or safety of our users or others
- Business Transfer: In connection with a merger, acquisition, or asset sale (with user notification)
With Your Consent
- Explicit Permission: When you explicitly authorize sharing for specific purposes
- Integration Choices: Data you choose to send to your n8n workflows
Your Rights and Choices
Access and Control
- View Your Data: Request a copy of all personal information we have about you
- Update Information: Modify your profile and preferences at any time
- Delete Messages: Remove individual chat messages or entire conversation histories
- Export Data: Download your chat history and account information
Google OAuth Controls
- Disconnect Google Account: Revoke our access to your Google account at any time
- Google Account Settings: Manage OAuth permissions through your Google account settings
- Re-authentication: We may require periodic re-authentication for security
Account Management
- Account Deletion: Permanently delete your account and associated data
- Data Portability: Export your data in standard formats
- Marketing Communications: Opt out of non-essential communications
How to Exercise Your Rights
Contact us at privacy@soula.ge or use the settings page in our application to:
- Request data access or deletion
- Update your information
- Report privacy concerns
- Ask questions about this policy
Cookies and Tracking Technologies
Essential Cookies
- Authentication: Maintain your login session
- Security: Prevent cross-site request forgery
- Functionality: Remember your preferences and settings
Analytics and Performance
- Usage Analytics: Understand how our Service is used (anonymized data)
- Error Tracking: Identify and fix technical issues
- Performance Monitoring: Optimize application speed and reliability
Third-Party Cookies
- Google OAuth: Authentication and account verification
- n8n Integration: Facilitate webhook communications
You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.
International Data Transfers
If you access our Service from outside the region where our servers are located, your information may be transferred across international borders. We ensure appropriate safeguards are in place for such transfers, including:
- Adequate Protection: Transfers only to countries with adequate privacy protections
- Standard Contractual Clauses: Use of approved data transfer mechanisms
- User Consent: Your continued use of our Service constitutes consent to such transfers
Children's Privacy
Our Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@soula.ge, and we will delete such information promptly.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will:
- Notify Users: Send email notifications for material changes
- Update Date: Change the "Last Updated" date at the top of this policy
- Provide Notice: Give advance notice when possible for significant changes
- Maintain Previous Versions: Keep records of previous policy versions
Your continued use of our Service after changes become effective constitutes acceptance of the updated Privacy Policy.
California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: What personal information we collect and how we use it
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of the sale of personal information (we don't sell data)
- Right to Non-Discrimination: We won't discriminate against you for exercising your rights
To exercise these rights, contact us at privacy@soula.ge with proof of California residency.
European Privacy Rights (GDPR)
If you are in the European Economic Area, you have rights under the General Data Protection Regulation:
- Right of Access: Request access to your personal data
- Right of Rectification: Correct inaccurate personal data
- Right of Erasure: Request deletion of your personal data
- Right of Portability: Receive your data in a portable format
- Right to Object: Object to processing of your personal data
- Right to Restrict: Limit how we process your personal data
Our lawful basis for processing includes:
- Contract Performance: Necessary to provide our Service
- Legitimate Interest: For security, analytics, and service improvement
- Consent: For optional features and marketing communications
Compliance and Certifications
We strive to maintain compliance with:
- Google OAuth Policies: Adherence to Google's OAuth 2.0 requirements
- SOC 2 Type II: Security and availability controls (through our service providers)
- GDPR: European data protection regulations
- CCPA: California consumer privacy act
- Industry Standards: Following best practices for data protection
This Privacy Policy is effective as of the date stated above and applies to all users of the n8n AI Chat Service. By using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.