This privacy policy (‘Privacy Policy’) explains how information about you is collected, used, and shared by Paladin Max, Inc. and its affiliated companies (‘innochat,’ the ‘Company,’ ‘we,’ ‘our,’ or ‘us’). This Privacy Policy applies to information we collect when you use our websites https://www.innoChat.ch (the ‘Website’) and other online products and services (collectively, the ‘Services’).
By downloading, accessing, using and/or interacting with our services, you expressly consent to and agree to the collection, use and disclosure of the information you provide in accordance with this Privacy Policy. This Privacy Policy is incorporated by reference into the Terms of Use at https://www.innoChat.ch/terms (our ‘Terms of Use’) and is subject to the provisions of the Terms of Use. Capitalised terms used in this Privacy Policy but not defined herein shall have the meanings assigned to them in our Terms of Use. If you have concerns about providing information to us or the use of that information as described in this Privacy Policy, you should not use our Services.
As we are constantly looking for new and innovative ways to help you achieve your goals in relation to the use of our services, this privacy policy may change over time. Therefore, please review it regularly. The effective date above indicates when this Privacy Policy was last changed. If we change the terms of this Privacy Policy, we will notify you via push notification and/or by posting a notice on our website thirty (30) days prior to the changes taking effect. If we are required by applicable data protection laws to provide you with more detailed information about such changes or to obtain your consent, we will do so. You can see when this policy was last updated by checking the ‘last updated’ date at the top of this policy. Any revised privacy policy supersedes all previous privacy policies.
If you have any questions about this privacy policy, please contact us by email at hello@innochat.ch or write to us at:
Paladin Max, Inc.
712 Bancroft Road #925
Walnut Creek, CA 94598
E-Mail: hello@innochat.ch
We may collect and use the following personal data that identifies, relates to, describes, can be reasonably associated with, or can be reasonably linked, directly or indirectly, to a particular consumer, household, or natural person:
identifiers
Real name, username, internet protocol address, email address, account password
Internet or other similar network activity
Information about a consumer's interaction with a website, application, or advertisement
Professional or employment-related information
Current activity
Conclusions derived from personal data
Profiles that reflect a person's behavior and attitudes
User-generated profiles and content
user profiles, avatars, or text information.
device information
Unique device identifiers and country of access
Software information
Operating system and version
user information
User browser type, timestamp, time zone setting and location, browser plug-in types and versions, user content data, user activity, user interactions, and pages visited
cookies
Small data files that are stored on your hard drive or in your device's memory to help us improve our Services and your experience, see which areas and features of our Services are popular, and count visits. For more information about cookies and how to disable them, see Section 9 (Your Control Options) below.
Web Beacons
Also known as “tracking pixels,” are electronic images that can be used in our services or emails to deliver cookies, count visits, understand campaign usage and effectiveness, and determine whether an email has been opened and acted upon.
Different tracking technologies
These include local shared objects (also known as “Flash cookies”) and HTML5 local storage, which are stored on your device in a similar way to cookies and can be used to store certain information about your activities and preferences across different services and sessions.
Publicly available information
User information from websites such as LinkedIn, Google Scholar, or arXiv
We collect information that you provide to us voluntarily, such as when you create an account, manage your user profile, use interactive features of our Services, request customer support, or otherwise communicate with us. In some cases, information may be collected automatically when you interact with our website or services. We only collect personal information that is necessary to provide our products and services, in accordance with the principles of lawfulness, necessity, and good faith.
In particular, we have collected the following categories of personal information in the last twelve (12) months:
identifiers
Direct from you When a user signs in with Google Automatically from you when you request support
Internet or other similar network activity
Automatically from you when you use our services
Professional or employment-related information
Straight from you
Conclusions derived from personal data
Automatically from you when you use our services
User-generated profiles and content
Straight from you
device information
Automatically from you when you use our services or request support from our third parties
Software information
Automatically from you when you use our services
From our third party providers
user information
Automatically from you when you use our services
From our third party providers
cookies
Automatically from you when you use our services. For more information about cookies and how to disable them, see Section 9 (Your Control Options) below.
web beacons
Automatically from you when you use our services
Different tracking technologies
Automatically from you when you use our services. Information on how to disable or delete information contained in Flash cookies can be found here.
Publicly available information
Straight from you
From publicly available sources
We use your personal data exclusively for the purposes set out in this privacy statement. Before we use your personal information beyond the purposes set out in this privacy statement, we will provide you with timely and appropriate notice and:
Get your consent
Explain why we want to use your personal information
We only use your personal information when we have a valid reason to do so, such as:
When you have given us your consent
To fulfill our contract with you or to take action at your request prior to the conclusion of the contract, including:
To provide you with our services
To update and improve our customer data
For our legitimate interests or those of a third party, including:
To prevent and detect fraud
To prevent unauthorized access to and modification of systems
To update and improve our records
To ensure compliance with our business policies (such as security and Internet usage)
Ensuring safe work practices, personnel management and evaluation
For operational reasons, such as improving efficiency, training, and quality control
For statistical analyses that help us run our business, such as in terms of customer base, product range, or other efficiency measures
To carry out external audits and quality controls
To comply with our legal and regulatory obligations, including:
Update and improve our records
Submission of declarations required by law
Carrying out external audits and quality controls
As we continuously improve our products and services, we may introduce optimization features from time to time that may expand or change the scope, purpose, and/or method of collecting and using your personal information. Should optimization features expand or change the scope, purpose, and/or method of collecting and using your personal data, we will clearly explain this to you by updating this privacy policy, a pop-up window, or a notice on the website and give you the opportunity to agree. You have the right to withhold your consent. However, if we are not allowed to use the personal information necessary to perform the updated services or features, we may not be able to provide you with the updated services and/or features or achieve the effect of the updated services. The basic functions of our services are not affected by the introduction of optimization functions.
Social network sharing features. Our Services may offer social sharing features and other built-in tools that allow you to share your activity on our Services with other media and vice versa. Using such features allows you to share information with your friends or the public, depending on the settings you have set with the social network sharing feature provider. For more information about the purpose and scope of data collection and processing in connection with social network sharing features, please see the privacy policies of the providers of these features.
We store information about users on servers located primarily in Oregon, USA. If you are accessing our Services from outside the United States of America, please note that the personal information you submit may be transferred to and stored on servers in the United States of America. The data protection and other laws of the United States of America and/or other countries may not be as comprehensive as those in your country. By submitting your information and/or using our services, you agree that your information may be transferred to, stored and processed in the United States of America.
We generally store your personal data as long as you have an account with us or we provide you with services. We will then store your personal data for as long as is necessary to respond to your questions, complaints or claims, or as required by law. We do not store your personal data longer than is necessary for the purposes set out in this policy. How your personal data is protected
How your personal data is protected:
We have taken appropriate security measures to prevent personal information from being accidentally lost or used or accessed without authorization. We restrict access to your personal information to those who need that information for business purposes. The persons who process your data only do so in an authorized manner and are subject to confidentiality obligations. We are continuously testing our systems and are in the process of obtaining SOC II and ISO 27001 certifications, which means we comply with the highest industry standards for information security. We use appropriate security measures to protect your personal information in accordance with the Center for Internet Security's Critical Security Controls (The 18 CIS Critical Security Controls). We use encryption technologies to protect your personal data. We have established specific administrative rules, procedures, and organizations to ensure the security of personal information we collect. We conduct security and privacy training to make our employees aware of the importance of protecting personal data. In the event of an incident involving the security of personal data, we will initiate the emergency plan for security incidents, report the incident immediately to the relevant authorities, inform you of the basic situation of the security incident, the measures and remedies we have taken or will take, and our recommendations for you via announcements, push notifications, or emails. If it's difficult to inform all users, we'll issue the alert through public announcements. Notwithstanding the security measures taken and the implemented legal requirements, we cannot guarantee the security of your personal data when communicating via unsecure channels. You should therefore also take steps yourself to ensure the security of your personal data, for example by regularly changing your account password. We will notify you and all relevant regulatory authorities of a suspected data security breach where we are required to do so by law.
We may change the terms from time to time. The most recent version of these terms is available at https://www.innoChat.com/terms. You understand and agree that your access to or use of the Services is subject to the terms in effect at the time you access or use the Services. If we make material changes to these terms, we will notify you at least thirty (30) days before the changes take effect via push notification and/or by posting a notice on the website. If we are required by applicable data protection laws to provide you with more detailed information about such changes or obtain your consent, we will do so. You can see when the terms of use were last updated by checking the “last updated” date at the top of these terms of use. All revised terms of use replace all previous terms of use.
You have certain rights with respect to your personal information, which are described in this section. You, or an authorized representative acting on your behalf, may exercise your rights with respect to your personal information by making a verifiable request (see Section 8 (Exercising Your Rights) below). If an authorized representative makes a request to disclose or delete your personal information, we need the following from you:
Give your authorized representative a signed power of attorney to exercise your rights and decisions.
Verify your identity directly with us.
Confirm directly with us that your authorized representative is authorized to make the request.
Because we don't optimize or operate our own large language models (LLMs), we DON'T use any data we collect from you to train LLMs. Our services use retrieval augmented generation (RAG) technology, which does not retrain or modify the LLMs themselves in any way. We use LLMs from OpenAI via their publicly available API. OpenAI has specifically stated that it does not use the data submitted via the API to train LLMs. For details, see OpenAI's privacy policy for companies at: https://openai.com/enterprise-privacy. 9. How you can exercise your rights of access, data portability, rectification, and deletion
We use LLMs from OpenAI via their publicly available API. OpenAI has specifically stated that it does not use the data submitted via the API to train LLMs. For details, see OpenAI's Enterprise Privacy Policy at: https://openai.com/enterprise-privacy
To exercise the rights of access, data portability, rectification, and deletion described above, please email us a verifiable request at hello@innochat.ch.
Only you or someone legally authorized to represent you can make a verifiable request regarding your personal information. You can only submit a verifiable request regarding access or data portability twice within a period of twelve (12) months. The verifiable request must:
Use the email address you used to register with us so we can verify that you are the person we collected personal information about.
Describe your request in sufficient detail so that we can understand, evaluate, and answer it correctly.
We cannot respond to your request or provide you with personal information if we are unable to verify your identity or eligibility to make the request and confirm that the personal information concerns you.
We aim to respond to all verifiable requests within forty-five (45) days of receipt. Should we need more time, we will inform you in writing of the reason and the required extension period. We will send you a confirmation of receipt of your verifiable request within ten (10) business days of receipt.
If you have an account with us, we'll send you our written response to that account. If you don't have an account with us, we'll send you our written response the way you made your request. If you have an account with us, we'll send you our written response to that account. If you don't have an account with us, we'll send you our written response the way you made your request.
If we are unable to comply with a verifiable request, we may provide you with our reasons in writing. For data portability inquiries, we choose a format for providing your personal data that is easy to use and should allow you to transfer the data from one location to another without hindrance.
You usually don't have to pay a fee to access your personal information or exercise your data protection rights. However, except for withdrawing your consent, we may charge a reasonable fee if your request is manifestly baseless, repetitive, or excessive. If we determine that the request warrants a fee, we'll tell you the reasons for this decision and provide you with a cost estimate before we process the request. In such circumstances, we may also decline your request.
We may decline your request in the following circumstances and in accordance with applicable laws and regulations:
When this is related to our legal and/or regulatory obligations
When this is related to national security and defense
When this is related to public safety, public health, and important public interests
When this is related to criminal investigations, prosecutions and legal proceedings
When there is sufficient evidence that you are showing subjective malice or abuse of rights
If responding to your request would seriously affect the legitimate rights and interests of you or other people and organizations
When trade secrets are affected
Other conditions set by law or regulatory authorities
We give you control over the use and collection of your personal information. In this section, we describe your control options.
We will not discriminate against you if you exercise your control rights or rights over your personal data. Unless otherwise permitted, when you exercise your control rights or rights over your personal information, we will refrain from:
Deny you services
Charge you different prices or rates for services, including through discounts or other benefits, or by imposing penalties
provide you with a different level or quality of service
Suggest to you that you may receive a different price or rate for services, or a different level or quality of service
In order to provide you with convenient and high-quality services, we may need some permissions for your device. When you use the appropriate feature, you'll see a pop-up reminder asking for your permission to access specific device features. You can disable some or all permissions in the client or device settings. The methods for granting or withdrawing permissions may vary from device to device.
Camera permission
You can use the camera to take and upload videos and pictures.
Mic permission
You can send voice messages, perform live videos, interact live, and complete recording and publishing audio and video content.
Because consumers are often unaware that their “Do Not Track” beacons are active, “Do Not Track” often does not reflect the actual preferences of our users. We do not currently respond to “Do Not Track” signals. In the meantime, you can opt out of certain types of tracking, including certain analytics and tailored advertising, by changing your cookie settings.
As described in our terms of use (available at https://www.innochat.ch/terms), you must be at least 18 years of age or have the necessary authority and authority to access and/or use our services. If you are still a minor (i.e. under 18 years of age), you must obtain consent from your parent or guardian to use our services.
If you are the legal guardian of a minor, please ensure that the minor only uses our services with your permission and consent and only then provides their personal information. If you have any questions about the personal information of the minor in your care, please contact hello@innochat.ch or write to the address provided at the beginning of this policy.
Our Services are not intended for children under thirteen (13) years of age or under the minimum age in the relevant territory who is older than thirteen (13) years of age (the “Children” or “Child”), and we do not knowingly collect any personal information from such children. Children should not use or attempt to use our services. If you are a child, please do not attempt to use our services or send information about yourself to the company.
If we learn that we have inadvertently collected personal information from a child, we will take reasonable steps to delete that information from our records. Parents who believe we may have collected information from or about a child can send a request to delete that information to hello@innochat.ch or write to our address provided at the beginning of this policy.
InnoChat strives to store only the data necessary to effectively carry out its business activities and perform its tasks. The need for data storage depends on the type of data and the purpose for which it was collected. innoChat ensures that data is only stored for as long as is necessary to fulfill the purpose of collection and is deleted when it is no longer needed. This policy describes InnoChat's data retention policies, which are applied consistently across the organization.
This policy applies to all data collected by InnoChat and stored on systems and media owned by InnoChat or rented by InnoChat, regardless of location. It applies both to data collected and stored electronically (including photographs, video and audio recordings) and to data collected and stored in the form of printouts or paper files. Retention of certain information may be required by federal or state laws, federal regulations, legitimate business purposes1, and the EU General Data Protection Regulation (GDPR).
InnoChat only stores data that is necessary to effectively carry out its business activities, perform its tasks and comply with applicable laws and regulations. Reasons for data storage include:
Provision of ongoing services to data subjects (e.g. sending newsletters, publications, program updates, ongoing training, participation in InnoChat programs, processing employee salaries and benefits)
Compliance with applicable laws and regulations related to InnoChat's financial and program reporting to its funding agencies and donors
Compliance with applicable labor, tax, and immigration laws
Other regulatory requirements
Investigations into security incidents or other incidents
Protection of intellectual property
litigation
InnoChat strives to avoid data duplication whenever possible, but it may be necessary to store data in multiple locations for programming or business reasons. This policy applies to all data held by InnoChat, including duplicates.
InnoChat has established the following guidelines for the storage of all personal data in accordance with the Institute's privacy policy:
The data of website visitors is stored for as long as is necessary to provide the service requested/initiated via the INNOCHAT website.
Data destruction ensures that InnoChat manages and processes controlled data responsibly and efficiently. After the retention period has expired or at the express request of the user, InnoChat actively destroys the data collected by this policy. If an individual believes that there is a legitimate business reason that precludes data destruction after the retention period has elapsed, they should report that data to their manager and provide a justification. Exceptions to this policy require approval by InnoChat's Data Protection Officer in consultation with a legal advisor. In rare cases, the legal advisor may impose a storage obligation for certain documents, which prohibits their destruction. The storage obligation remains in place until repealed by the legal advisor and prohibits the destruction of the data affected by the storage obligation.
We hope we can resolve any questions or concerns you may have about our use of your personal information. If you would like to make a complaint about our privacy practices, please contact hello@innochat.ch.