ChatAnalyzerSign in →

Legal

Privacy Policy

Last updated: March 4, 2026

1. Overview

ChatAnalyzer ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our chat analytics platform.

Our core principle is zero data retention — your raw chat files are processed entirely in-memory and are never written to disk or stored in our databases.

2. Data We Collect

We collect the following types of information:

  • Account data: Name, email address, and hashed password when you register.
  • Usage data: Number of analyses run, file sizes, and plan limits — no message content.
  • Analysis results: Aggregated metrics (message counts, participant counts, activity patterns) stored encrypted using AES-256-GCM. Raw messages are never stored.
  • Payment data: Processed by iyzico (our payment provider). We never store full card numbers.

3. How We Process Your Chat Files

When you upload a chat export, it is processed as follows:

  1. The file is received by our API and held in memory only.
  2. Natural language processing and analytics are run in-memory.
  3. Only the computed metrics (not raw messages) are encrypted and stored.
  4. The original file and raw message content are discarded from memory after processing.

This means we cannot read, access, or recover your original chat messages at any point after processing.

4. Data Storage & Security

  • Analysis results are encrypted with AES-256-GCM, keyed per-user via HKDF derivation.
  • All data is transmitted over TLS 1.2+.
  • Passwords are hashed with bcrypt (cost factor 12).
  • Database hosted on Neon (Azure region) with SOC 2 compliance.

5. Data Retention

  • Raw chat files: never stored — deleted from memory immediately after processing.
  • Analysis results: retained until you delete your account or request deletion.
  • Account data: retained until account deletion.
  • Payment records: retained as required by financial regulations (7 years).

6. Your Rights (GDPR / KVKK)

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and all associated data (via Settings → Danger Zone).
  • Export your analysis results.
  • Withdraw consent at any time.

7. Third-Party Services

  • iyzico — Payment processing. Subject to iyzico's privacy policy.
  • Neon — Database hosting. Data processed in EU/Azure West Europe.
  • Redis Cloud — Temporary job queue data (TTL: 5 minutes). No personal data stored.

8. Cookies

We use only essential session cookies for authentication. We do not use tracking or advertising cookies.

9. Contact

For privacy inquiries or data requests, contact us at: privacy@chatanalyzer.io