Data Policy — Chatbot AI (Sen)

This Data Policy supplements the Privacy Policy and Terms of Use by clarifying how DeAI governs the data lifecycle for conversational AI, user document storage, and knowledge retrieval.

For Chatbot DeAI (Sen), DeAI acts as the controller and processor under the user agreement. Sub-processors (hosting, payments, technical monitoring) may process data only on instructions and under contractual security measures.

• Identity and account data: name, email, phone, identifiers required for registration.
• Operational data: system logs, query metadata, error codes, session information.
• Content data: documents, files, and text you upload for training or Q&A within permissions you grant.
• Sensitive data (if any): processed only with a clear legal basis and strengthened safeguards.

Data is used to: grant access, personalize the chatbot experience, improve response accuracy within your materials, maintain security (attack/spam detection), comply with law, and resolve disputes.

DeAI designs architecture to minimize human access to user content; encryption and access controls are applied per module. Your training data is not used to train a shared third-party model without separate consent.

Data is stored on infrastructure in Vietnam (including at least one server system located in Vietnam as required for operations) and may be periodically backed up. Retention depends on data category, legal duties, and user requests.

You may request access, export, rectification, erasure, restriction of processing, or lodge complaints. DeAI responds within a reasonable timeframe and may request identity verification to protect accounts.

If an incident affects personal data, DeAI activates response procedures, records, mitigates, and notifies authorities/users as required.

Data is shared only with vendors under DPAs/security terms; not transferred to third parties for marketing without consent. Business transfers (M&A) will be notified as required.

For users within GDPR scope or similar frameworks, DeAI applies data minimization, purpose limitation, storage limitation, and data subject rights to the extent applicable.

DeAI may derive non-identifying aggregate statistics to improve performance and compliance reporting.

For paid tiers (e.g., VND 299,000 / 499,000 / 999,000 per month as described in the Terms), payment data is processed by qualified partners; DeAI does not store full raw card data on the chatbot system when not necessary.

Data requests: support@deai.ai. Address: 2Bis Cong Truong Quoc Te, Xuan Hoa Ward, Ho Chi Minh City, Vietnam. This policy may be updated; the effective date is stated at the top of the document.