Privacy Policy

We take data protection seriously for you and your customers.

Guzli (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our AI-powered chatbot platform.

This page is intended to provide a clear explanation of our practices. It may be supplemented by separate data processing agreements or customer contracts where applicable.

1. Introduction

Guzli provides an AI chatbot platform that helps businesses answer questions, capture leads, and support customers across their websites and other channels. To provide these services, we process certain types of information about you, your team, and your customers.

By accessing or using Guzli, you agree to the practices described in this Privacy Policy. If you do not agree, you should not use the service.

2. Information We Collect

We collect information in three main categories.

2.1 Personal Information

Information that identifies you as an individual, such as:

  • Name and contact information (for example email address and phone number)
  • Company name and job title
  • Billing and payment information (processed via our payment provider)
  • Account credentials you create to log in to Guzli

2.2 Usage Data

Information about how you and your customers interact with the platform, such as:

  • Chat conversation logs and related analytics
  • Page views, clicks, and other website interactions when our widget is installed
  • API usage, performance metrics, and diagnostic logs
  • Device, browser, and approximate location derived from IP address

2.3 Customer Data

Data you or your team provide to configure and train your chatbot, including:

  • Information about your website visitors and leads captured through chat
  • Chat transcripts between your visitors and the chatbot or your team
  • Knowledge base content, documents, and other materials you upload
  • Integrations and data you connect from third-party tools (for example CRM, help desk, or analytics platforms)

Where we process customer data on your behalf, we act as a data processor and you remain the data controller.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain our AI chatbot services
  • To authenticate users and secure access to your workspace
  • To process payments and send billing or account-related communications
  • To improve and personalize the chatbot experience for your visitors
  • To train and enhance our AI models, using aggregated or anonymized data where possible
  • To send important product updates, security notices, and administrative messages
  • To respond to support requests, troubleshoot issues, and provide customer success assistance
  • To monitor usage, performance, and reliability of the platform
  • To detect, prevent, and investigate fraud, abuse, or security incidents

We do not sell your personal information.

4. Data Sharing and Disclosure

We share information in limited circumstances:

  • Service providers: We use trusted third-party vendors for hosting, analytics, payment processing, email delivery, logging, and similar functions. These providers only access data as needed to perform services on our behalf and are bound by contractual confidentiality and security obligations.
  • Legal and compliance: We may disclose information if required by law, subpoena, or lawful request from government authorities, or to protect our rights, property, or safety and that of our users.
  • Business transfers: If we are involved in a merger, acquisition, financing, or sale of all or a portion of our business, your information may be transferred as part of that transaction subject to appropriate safeguards.
  • With your consent: We may share information with third parties when you instruct us to do so or provide explicit consent for a specific integration or use case.

We do not sell your personal information, and we do not allow third parties to use customer data for their own marketing purposes without your consent.

5. Data Security

We use a combination of technical, organizational, and administrative measures to protect data, including:

  • Encryption in transit using HTTPS/TLS for all network traffic to and from our services
  • Encryption at rest for sensitive data where appropriate
  • Access controls that limit data access to authorized personnel on a need-to-know basis
  • Logging, monitoring, and alerts for suspicious activity and potential abuse
  • Regular security updates, patching, and infrastructure hardening
  • Employee training on security and privacy practices

No system is completely secure, but we work continuously to protect your information and investigate any reported issues.

6. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct or update inaccurate or incomplete information.
  • Deletion: Request deletion of your personal data, subject to legal or contractual limitations.
  • Portability: Request a portable copy of certain personal data in a structured, commonly used format.
  • Restriction: Request that we limit processing of your personal data in certain circumstances.
  • Objection: Object to certain types of processing, including direct marketing.
  • Opt-out of marketing: You can unsubscribe from marketing emails at any time using the link in the email or by contacting us.

If we process your data on behalf of a customer (for example, your employer or the owner of a website using Guzli), you should direct requests regarding access, deletion, or modification of your data to that customer. We will assist them as required by our agreement and applicable law.

7. Data Retention

We retain data for as long as necessary to provide the service, comply with legal obligations, and resolve disputes. In general:

  • Account and profile data are retained while your account is active and for a reasonable period after closure.
  • Chat logs and related analytics are retained according to settings in your workspace or as described in your customer agreement.
  • Billing, invoicing, and transactional records are retained for the period required by applicable law (for example tax or accounting rules).

We may anonymize or aggregate data so that it can no longer be associated with an identifiable individual. We may retain this information for analytics, benchmarking, and product improvement.

8. International Data Transfers

Guzli may process and store data in countries outside of your own, including the United States and other jurisdictions where we or our service providers operate.

When we transfer personal data from the European Economic Area (EEA), the United Kingdom, or other regions with data transfer restrictions, we implement appropriate safeguards, which may include:

  • Standard contractual clauses approved by the European Commission or other competent authorities
  • Data processing agreements with our sub-processors that include robust privacy and security obligations
  • Additional technical and organizational measures designed to protect data during transfer and at rest

You can contact us if you have questions about our data transfer mechanisms.

9. Compliance with GDPR, CCPA, and Other Laws

For users and customers in the EEA, United Kingdom, and other jurisdictions with similar regulations, we seek to comply with applicable data protection laws such as the General Data Protection Regulation (GDPR). This includes providing lawful bases for processing and supporting data subject rights.

For California residents, we also seek to comply with the California Consumer Privacy Act (CCPA) and similar state laws, including rights to know, delete, and opt out of certain processing where applicable.

If you operate in highly regulated environments (for example healthcare or financial services), we can work with you on appropriate contractual and technical measures.

10. Children’s Privacy

Our services are not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you believe that a child has provided us with personal data, please contact us so we can take appropriate action.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or privacy practices. When we make material changes, we will update the “Privacy Policy” page on our website and adjust related metadata.

You should review this page periodically to stay informed about our data practices.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, you can contact us:

If you are a data subject in the EEA, UK, or another region with specific privacy rights, you may also have the right to lodge a complaint with your local data protection authority.