Privacy Policy
Last Updated: March 16, 2026
Controller: Processifier Sp. z o.o., ul. Józefa Piusa Dziekońskiego 1, 00-728 Warszawa, Polska. KRS: 0000932013, NIP: 7011059822, REGON: 520497564. ("ChatBenchmark", "we", "us") Contact: privacy@chatbenchmark.com
This policy explains what personal data we collect, why, and how we handle it.
No personal data in AI queries. We send only brand names, keywords, and generic prompts to AI providers. No personal data (your name, email, IP) is ever included. Our Terms of Use prohibit users from including personal data in prompts, keywords, or project/competitor names.
1. When You Visit Our Website or Use the App
When you visit chatbenchmark.com or use app.chatbenchmark.com, our hosting provider (Railway) automatically collects your IP address, browser type, and device information to deliver the page.
Cookies. We use localStorage for your login session (no consent needed — strictly necessary). We also use marketing and analytics cookies from Meta (Facebook/Instagram Pixel), Google (Ads, Tag Manager, Analytics), and LinkedIn (Insight Tag) for conversion tracking, site/app analytics, and remarketing — but only with your consent via our cookie consent banner. These platforms act as joint controllers and also use collected data for their own advertising. You can change your cookie preferences anytime via the cookie settings link on our website. Analytics and marketing cookies are used on both chatbenchmark.com and app.chatbenchmark.com.
Their privacy policies: Meta | Google | LinkedIn
Live chat. We use tawk.to (tawk.to Inc., USA) to provide live chat support on both chatbenchmark.com and app.chatbenchmark.com. When you use the chat widget, tawk.to processes your messages, IP address, browser information, and any contact details you provide (such as your name or email). tawk.to acts as our data processor. Chat data is used to respond to your inquiries (Art. 6(1)(b) — contract for existing users; Art. 6(1)(f) — legitimate interest for visitors).
We may add more marketing or support tools in the future — the cookie consent banner always has the current list of cookies.
2. When You Sign Up and Manage Your Account
We collect your email address and full name at registration. You set a password (we store it hashed, never in plain text). We verify your email via a confirmation code.
If you invite team members, we process their email addresses and assigned roles. We keep an audit log of team membership changes for security.
Why: To provide you the service you signed up for (Art. 6(1)(b) GDPR — contract).
Where stored: Railway (USA) hosts our application and database. Verification and invitation emails are sent via Resend (USA).
How long: As long as your account is active. If you delete your account, data is removed within 30 days (except billing records — see Section 4).
3. When You Use the Product
ChatBenchmark monitors how brands appear in AI responses. We store your projects, competitors, prompts/keywords, the AI responses we collect, and our analysis results (sentiment scores, citations, share-of-voice, hallucination detection).
This content is business data (brand names, keywords, metrics), not personal data. But it's linked to your account, so we treat it with care.
AI providers. We query AI models (such as OpenAI and Perplexity) and SERP services (for Google AI Overview/AI Mode results) using only your brand names, keywords, and generic prompts. No personal data is sent. These providers are not our data processors because they don't receive personal data.
Why: To deliver the core service (Art. 6(1)(b) GDPR — contract). Server logs (IPs, request paths, timing) are kept for security and performance (Art. 6(1)(f) GDPR — legitimate interest).
We use automated processing (AI analysis, sentiment scoring, hallucination detection) to generate reports. These outputs are informational — they don't produce legal effects on you or make automated decisions about you.
4. When You Pay
We process billing through Stripe. We never see or store your card number — Stripe handles that directly. We store your billing contact info (company name, address, NIP, billing email) and subscription details.
Why: To process payment (Art. 6(1)(b) — contract) and to keep billing records as required by Polish tax law (Art. 6(1)(c) — legal obligation).
Billing records are retained for 5 years after the relevant tax year (Polish Ordynacja podatkowa). This data survives account deletion.
5. Data Transfers
We're based in Poland (EU). Our infrastructure providers are in the US:
| Provider | Purpose | Location |
|---|---|---|
| Railway | Application hosting, database | USA |
| Stripe | Payments | USA / Ireland |
| Resend | Transactional email | USA |
| tawk.to | Live chat support | USA |
These transfers are covered by the EU-US Data Privacy Framework and/or Standard Contractual Clauses where applicable.
Marketing platforms (Meta, Google, LinkedIn) may also transfer data to the US when you consent to marketing cookies.
AI providers (OpenAI, Perplexity) and SERP services are in the US but receive no personal data from us.
6. Data Retention
| Data | Kept for |
|---|---|
| Account data (name, email) | Active account + 30 days after deletion |
| Billing records | 5 years (Polish tax law) |
| Projects, prompts, AI responses | Active account; deleted with project/account |
| Team data and audit log | Lifetime of organization account |
| Trial account data (if not converted to paid) | 30 days after trial expiry |
| Server logs (IPs, requests) | 90 days |
| Live chat transcripts (tawk.to) | Per tawk.to retention policy |
| Marketing cookie data | Per provider policy; cleared when you withdraw consent |
Deleting your account removes all associated data (except billing records). We may also create anonymized, aggregated statistics (e.g., "most monitored industries") that never identify individual customers.
7. Your Rights
Under GDPR, you can: access your data, correct it, delete it, restrict processing, export it (data portability), object to processing based on legitimate interest, and withdraw consent (e.g., for marketing cookies via the cookie banner).
To exercise any right, email us at privacy@chatbenchmark.com.
You can also lodge a complaint with our supervisory authority: UODO (Urząd Ochrony Danych Osobowych), ul. Stawki 2, 00-193 Warszawa (uodo.gov.pl).
8. Other
Security. We hash passwords, encrypt data in transit (HTTPS), restrict access to personal data, and redact sensitive information from logs.
Children. This is a B2B service not directed at children. We don't knowingly collect data from anyone under 16.
Changes. We may update this policy. For material changes, we'll notify you by email at least 30 days before they take effect. The "Last Updated" date at the top shows the latest revision.
Contact: privacy@chatbenchmark.com