ChatleonChatleon

Privacy Policy

Last updated: May 26, 2026

1. Information We Collect

We collect the following information when you use Chatleon:

  • Account information: Email address and full name provided during registration.
  • Documents: Files you upload to the Service for processing. These are stored in private, encrypted storage buckets.
  • Chat history: Conversations you have with the AI assistant are stored to enable session continuity.
  • Usage data: Message counts, document counts, and storage usage to enforce plan limits.
  • API keys: Hashed API keys you generate for programmatic access (we never store the raw key).
  • Billing data: Subscription status and customer IDs provided by LemonSqueezy. We do not store payment card details.

2. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Service
  • Process your documents and generate AI responses
  • Manage your account and subscription
  • Send transactional emails (account confirmation, password reset)
  • Monitor and enforce plan usage limits
  • Improve service reliability and performance

3. Data Isolation and Security

Each user's data is strictly isolated using Row Level Security (RLS) at the database level. Your documents and chat history are never accessible to other users. Files are stored in private Supabase Storage buckets accessible only via short-lived signed URLs. We never use your documents to train AI models.

4. Third-Party Services

We use the following third-party services to operate Chatleon:

  • Supabase: Authentication, database, and file storage (EU and US regions).
  • OpenAI: Generating text embeddings and AI chat responses. Your document content is sent to OpenAI for processing. OpenAI's data retention policies apply.
  • Cohere: Reranking search results to improve response quality.
  • LemonSqueezy: Payment processing and subscription management.
  • Google Analytics: We use Google Analytics 4 to understand how visitors interact with our website (page views, traffic sources, session duration). Google Analytics collects anonymised usage data and sets cookies on your device. Google may process this data on servers in the United States. For more information on how Google uses this data, visit google.com/policies/privacy/partners.

5. Data Retention

Your data is retained for as long as your account is active. If you delete your account, your documents, chat history, and personal information will be permanently deleted within 30 days. You can delete individual documents or chat sessions at any time from your dashboard.

6. Cookies

We use two types of cookies: session cookies provided by Supabase Authentication to keep you signed in, and analytics cookies set by Google Analytics to measure website traffic and usage patterns. We do not use advertising cookies, retargeting cookies, or any cookies that track you across third-party websites.

7. Your Rights

You have the right to:

  • Access a copy of the personal data we hold about you
  • Request correction of inaccurate personal data
  • Request deletion of your account and associated data
  • Export your chat history and document list

To exercise any of these rights, contact us at support@chatleon.com.

8. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the Service at least 14 days before they take effect.

10. Contact

For privacy-related questions or requests, contact us at support@chatleon.com.