Privacy Policy

Last updated: January 27, 2026

The company The Chatbot Factory (“we”, “our”) operates the website tolk.ai (the “Service”).

This privacy policy aims to clearly explain how we collect, use, and protect your personal data when you use our Service, in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller is:

The Chatbot Factory
📍 Address: 16 Villa des Nymphéas – 75020 Paris

2. Personal Data Collected

We may collect the following categories of data:

  • Identification data: first and last name

  • Contact data: email address, phone number

  • Connection data: IP address, browser type and version, pages visited, date and time of browsing

  • Data voluntarily submitted via forms

We do not collect any sensitive data as defined by the GDPR.

3. Purposes of Collection

Personal data is collected solely to:

  • Provide and improve the Service

  • Respond to requests sent via the website

  • Ensure the proper functioning and security of the website

  • Generate anonymized usage statistics

4. Legal Basis for Processing

Processing is based on:

  • User consent (forms, non-essential cookies)

  • Legitimate interest (security, service improvement)

  • Compliance with legal obligations, where applicable

5. Retention Period

Data is kept only for the time necessary for the intended purposes, in accordance with the duration of the contracts signed between the Provider and the Service user.

6. Cookies

The website may use cookies to:

  • Ensure its proper functioning

  • Measure audience and improve user experience

You can configure your browser to refuse all or some cookies.
Refusing certain cookies may limit some of the website’s features.

7. Service Providers and Processors

We may use technical service providers (hosting, analysis tools) acting as data processors as defined by the GDPR.

These providers only access data to the extent strictly necessary for their tasks and are subject to contractual confidentiality obligations.

8. Transfers Outside the European Union

If data is transferred outside the European Union, we ensure that appropriate safeguards are in place (standard contractual clauses, adequacy decision).

9. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

10. User Rights

In accordance with regulations, you have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

You can exercise your rights by contacting us here.

You may also file a complaint with the CNIL.

11. Protection of Minors

The Service is not intended for individuals under 18 years of age.
We do not knowingly collect personal data from minors.

12. Links to Third-Party Sites

The website may contain links to third-party sites.
We are not responsible for the privacy policies or practices of these external sites.

13. Changes to the Policy

We reserve the right to modify this policy at any time.
The current version is the one published on this page.