Privacy policy

Last update: January 27, 2026

The Chatbot Factory ("we," "us," "our") operates the tolk.ai website (the "Service").

The purpose of this privacy policy is to clearly explain how we collect, use, and protect your personal data when you use our Service, in accordance with the General Data Protection Regulation (GDPR).

1. Data controller

The person responsible for processing personal data is:

The Chatbot Factory
📍 Address: 16 Villa des Nymphéas – 75020 Paris

2. Personal data collected

We may collect the following categories of data:

  • Identification data: last name, first name

  • Contact details: email address, phone number

  • Connection data: IP address, browser type and version, pages viewed, date and time of browsing

  • Data voluntarily submitted via forms

We do not collect any sensitive data within the meaning of the GDPR.

3. Purposes of collection

Personal data is collected solely for the following purposes:

  • Provide and improve the Service

  • Respond to requests sent via the website

  • Ensure the proper functioning and security of the site

  • Compile anonymized usage statistics

4. Legal basis for processing

Treatments are based on:

  • User consent (forms, non-essential cookies)

  • Legitimate interest (security, service improvement)

  • Compliance with legal obligations, where applicable

5. Shelf life

The data is retained only for the period necessary for the purposes pursued in accordance with the duration of the contracts signed between the Service Provider and the user of the Service.

6. Cookies

The site may use cookies to:

  • To ensure its proper functioning

  • Measure audience and improve user experience

You can configure your browser to refuse all or some cookies.
Refusing certain cookies may limit some of the website's features.

7. Service providers and subcontractors

We may use technical service providers (hosting, analysis tools) acting as subcontractors within the meaning of the GDPR.

These service providers only access data to the extent strictly necessary for their tasks and are subject to contractual confidentiality obligations.

8. Transfers outside the European Union

If data is transferred outside the European Union, we ensure that appropriate safeguards are in place (standard contractual clauses, adequacy decision).

9. Data security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

10. User rights

In accordance with regulations, you have the following rights:

  • Right of access

  • Right of rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to portability

You can exercise your rights by contacting us here.

You may also file a complaint with the CNIL.

11. Protection of minors

The Service is not intended for persons under the age of 18.
We do not knowingly collect personal data about minors.

12. Links to third-party websites

The site may contain links to third-party sites.
We are not responsible for the privacy policies or practices of these external sites.

13. Policy changes

We reserve the right to modify this policy at any time.
The current version is the one published on this page.