Privacy Policy

Protecting your privacy and data is our priority

Effective Date: May 2, 2026  |  Last Updated: May 2, 2026

1. Introduction

Welcome to ChozekAI. We are committed to protecting your privacy. This Privacy Policy explains how ChozekAI ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you visit our website or use our services. By using our services, you agree to this policy. If you do not agree, please discontinue use of our services.

This policy applies to all users worldwide, including residents of the United States (including California), the European Union, and the European Economic Area.

2. Information We Collect

We may collect the following categories of information:

  • Personal Identifiers: Name, email address, phone number, and company name — provided during account registration, contact forms, or service inquiries.
  • Payment & Billing Data: Billing address and payment method details processed through our secure third-party payment processors. We do not store full payment card numbers.
  • Usage Data: IP address, browser type and version, operating system, device identifiers, pages visited, time spent on pages, referring URLs, and clickstream data.
  • Location Data: General geographic location inferred from your IP address.
  • Cookies & Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage, and deliver relevant content. See Section 9 for details.
  • Project & Training Data: Data you provide to us in connection with AI/ML projects, including datasets used for model training. This data is handled under strict confidentiality as described in Section 10.
  • Communications Data: Records of your correspondence with us, including emails and support requests.
  • Third-Party Integrations: Data received from third-party platforms or APIs you authorize us to connect with in the course of service delivery.

3. How We Use Your Information

We use your information for the following purposes and, where required by law, on the following legal bases:

  • Service Delivery (Contractual Necessity): To provide, operate, and maintain our services, process payments, and manage your account.
  • Communication (Contractual Necessity / Legitimate Interest): To respond to inquiries, send project updates, and provide customer support.
  • Improvement & Analytics (Legitimate Interest): To analyze usage patterns, troubleshoot issues, and improve our platform and AI models using anonymized, aggregated data.
  • Security & Fraud Prevention (Legitimate Interest): To monitor for suspicious activity, detect fraud, and protect the security of our systems.
  • Legal Compliance (Legal Obligation): To comply with applicable laws, regulations, and legal proceedings.
  • Marketing (Consent / Legitimate Interest): To send promotional communications about our services. You may opt out at any time via the unsubscribe link in any marketing email or by contacting us directly.
  • Automated Decision-Making: We may use automated tools to analyze data for service optimization. We do not use fully automated decision-making that produces significant legal effects on individuals without human oversight.

4. Sharing Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

  • Service Providers: We share data with trusted third-party vendors who assist in delivering our services (e.g., cloud hosting providers, payment processors, analytics platforms, email delivery services). These providers are contractually bound to process data only as instructed and to maintain appropriate confidentiality and security.
  • Legal Compliance: We may disclose information when required by law, court order, subpoena, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to any such transfer.
  • With Your Consent: We may share information for other purposes with your explicit prior consent.

5. Data Security

We implement industry-standard technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Access controls and role-based permissions limiting data access to authorized personnel only.
  • Regular security assessments and vulnerability monitoring.
  • Secure, audited third-party infrastructure for data storage and processing.

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, within the timeframes mandated (e.g., 72 hours under GDPR).

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.

  • Account & Contact Data: Retained for the duration of our business relationship and for up to 3 years thereafter for legal and dispute resolution purposes.
  • Project & Training Data: Retained as specified in your individual project agreement. Upon expiration or termination, data is securely deleted or returned to you.
  • Usage & Analytics Data: Retained for up to 24 months in identifiable form, then anonymized or deleted.
  • Financial & Billing Records: Retained for a minimum of 7 years to comply with tax and accounting obligations.

7. Your Rights

General Rights (All Users)

  • Access and receive a copy of the personal information we hold about you.
  • Correct or update inaccurate or incomplete personal information.
  • Request deletion of your personal information, subject to legal retention obligations.
  • Opt out of marketing communications at any time.

California Residents — CCPA Rights

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected, the sources, our business purposes, and the categories of third parties with whom we share it.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Opt Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising.
  • Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information beyond what is necessary to provide our services.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your California rights, contact us at [email protected]. We will respond within 45 days as required by law.

EU / EEA Residents — GDPR Rights

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access (Art. 15): Obtain confirmation of whether we process your data and receive a copy.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten") under applicable conditions.
  • Right to Restriction (Art. 18): Request that we restrict processing of your data in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes.
  • Rights Related to Automated Decision-Making (Art. 22): Not be subject to solely automated decisions that produce significant legal effects.

To exercise your GDPR rights, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

8. Changes to This Policy

We may update this Privacy Policy at any time. When we do, we will update the "Last Updated" date at the top of this page. For material changes — such as new uses of your personal data or new categories of data collected — we will notify you by email (at the address associated with your account) and/or by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of our services after the effective date constitutes your acceptance of the revised policy.

9. Cookies & Tracking Technologies

We use the following types of cookies and similar technologies:

  • Strictly Necessary Cookies: Required for the website to function. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics). These are only set with your consent where required by law.
  • Functional Cookies: Remember your preferences and settings to improve your experience.
  • Marketing Cookies: Used to deliver relevant advertising. We do not use cross-site behavioral tracking cookies without your consent.

Do Not Track: Our website does not currently respond to browser "Do Not Track" (DNT) signals, as there is no universally accepted standard for DNT. However, you may control cookie usage through your browser settings or our cookie consent tool.

You can manage or disable cookies through your browser settings at any time. Disabling certain cookies may affect the functionality of our services.

10. AI & Machine Learning Data Handling

  • Client Training Data: Data you provide for model training remains your property and is processed solely for the purpose of delivering your project. It is not used to train models for other clients.
  • Anonymized Insights: We may use aggregated, anonymized insights derived from service delivery to improve our general methodologies, with no individual data attributable to any client.
  • Data Isolation: Client datasets are stored in isolated environments with strict access controls.
  • Deletion Upon Project Completion: Training data is securely deleted or returned according to the terms of your individual project agreement.
  • Automated Decision-Making: If any service involves automated decisions with significant impact on individuals, we will disclose this explicitly in the applicable project agreement and provide for human review upon request.

11. International Data Transfers

ChozekAI is based in Texas, United States. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers of personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, we rely on appropriate transfer mechanisms, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • Other applicable transfer mechanisms or derogations as permitted under GDPR Chapter V.

By using our services, you acknowledge and consent to such transfers in accordance with this policy.

12. Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13 in accordance with the Children's Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete such information. If you believe we may have collected information from a child under 13, please contact us at [email protected].

13. Third-Party Links

Our website or services may contain links to third-party websites, tools, or services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the content, privacy practices, or data handling of any third-party services.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

We will respond to all privacy-related inquiries within 30 days.