Privacy Policy
Last Updated:December 1, 2023

A small note on how ChatChit AI features work.

ChatChit AI uses Neural Network Models such as GPT35, Stable Diffusion, Whisper, and other AI models (the”Models”) that allow users to answer prompts and carry on tasks such as summarizing videos, generating images, transcribing voice notes etc. (the “Tasks”).

We do our best to moderate the parameters of the Models, however, it is still possible that you may encounter content that you may see as inappropriate for you. We also encourage you to get acquainted with our Terms of Use to understand how we provide services to you. We respect your privacy and are committed to protecting it through our compliance with this Policy (as defined below). Please read this Policy carefully to understand our privacy practices. If you do not want us to process your Personal Information as it is described in this Policy, please do not use our Services (as defined below). If you have any questions about this Policy or ChatChit AI, please contact us (for additional contact information, please, see Section 15 of this Policy.


Generatech Studio (“GS,” “we,” or “us”) is a data analytics and digital services company that offers AI integration services. This Privacy Policy (“Policy”) covers the Personal Information (as defined below) that we collect through ChatChit AI application and its website ChatChit (the “Website”), owned or controlled by [GS] or websites that post a link to this Policy (the “Services”).

When you use our Services, you’ll share some information with us. According to Article 13 of the General Data Protection Regulations Regulation, (EU) 2016/679 (GDPR), in our role as a controller of Personal Information (as defined below), we want to be upfront about the information we collect, how we use it, whom we share it with, and the controls we give you to access, update, and delete your information.

You should read our entire Policy, so that you can feel confident in sharing your data with us. In this Policy, personal information means information that (either in isolation or in combination with other information) enables you to be directly or indirectly identified (“Personal Information”).

Who is the data controller

GS is the controller of your Personal Information.

GS is registered at 8 The Green, Dover, Delaware, US.

If you have questions, requests, or concerns regarding your privacy and rights, please let us know how we can help. You can contact us

Information we collect

There are three basic categories of information we collect:

Here’s a little more detail on each of these categories.

Information you provide to us

When you use our Services, you usually provide to us certain information, including your Personal Information such as:

When you use the Websites

When you visit our Website, we collect Internet or other electronic network activity information through the use of cookies and other trackers. Depending on your tracking preferences, the information we collect may include but is not limited to your device’s Internet Protocol (“IP’) address, referring website, what pages your device visited, and the time that your device visited our Website. We may also rely on analytics and tools used to prevent spam and other security risks related to the use of abusive automated software. Visit our Cookie Policy for more information on the types of cookies and other trackers we use on our Website.

Information we collect automatically

When you use our Services, we may automatically collect certain data about you. This data is needed for operation of the Services and, among others, may be used for in-app analytics or marketing purposes. The data we collect automatically includes:

• Device information: Information about your mobile device and internet connection, including your IP address, the device’s unique device identifier, operating system, and mobile network information.

• Usage details: Details of your use of our Services, including frequency of use, areas and features of the application that you access and engagement with particular features. This information is used for in-app event analytics and, upon your consent, for marketing purposes.

• Information collected by cookies and other similar technologies: we use various technologies to collect information, including saving cookies to users’ computers.

Such automatically collected data helps us operate our Services and improve it to deliver better service, including but not limited to enabling us to estimate our audience size, and understand how you use our Services and what you like and dislike the most.

The technologies we use for automatic data collection may include:

We use third-party analytics tools, such as Google Analytics, Firebase, Meta, AppsFlyer and Amplitude, to help us measure traffic and usage trends for ChatChit AI. These tools collect information via third-party analytics software development kits incorporated into ChatChit AI, which may include your pseudonymised user ID and the information about the webpages you visit when following the links available to you on our Services, your actions in ChatChit AI application and basic information about the type of subscription you have. We collect and use this analytics information in an aggregated manner with analytics information from other users so that it cannot reasonably be used to identify any particular user. For information on how third party analytics tools collect and process your data and to opt out of such collection and processing, generated by your use of ChatChit AI, please contact us

Legal bases for using your Personal Information

According to Article 6 of the GDPR, we are allowed to use your Personal Information when certain conditions apply. These conditions are called “legal bases” and, at GS , we typically rely on one of four:

• Consent (Article 6.1.a of the GDPR): in some cases, we’ll ask for consent to use your information for specific purposes. If we do, we’ll make sure you can revoke your consent in our Services or through your device permissions. Even if we’re not relying on consent to use your information, we may ask you for permission to access data like contacts and location.

• Contract (Article 6.1.b of the GDPR): we might use your information because you’ve entered into an agreement with us.

• Legal obligation (Article 6.1.c of the GDPR): we may be required to use your personal information to comply with the law, like when we respond to valid legal process or need to act to protect our users.

• Legitimate interest (Article 6.1.f of the GDPR): we have—or a third party has—a legitimate interest in doing so. For example, we need to use your information to provide and improve our Services, including protecting your account, providing customer support. An important point to understand about legitimate interest is that our interests don’t outweigh your right to privacy, so we only rely on legitimate interest when we think the way we are using your data doesn’t significantly impact your privacy or would be expected by you, or there is a compelling reason to do so.

Personal Information we collect directly from you on our Website

We will use Personal Information for the following purposes:

• To administer our Website, and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes.

• To improve our Website to ensure that content is presented most effectively for you and your device.

• For trend monitoring, marketing advertising, ad targeting, ad measurement, including through the use of your precise location information, profiling, research (again, if you’ve specifically and freely given us permission to use that information for that purpose), both on and off our services. We may also store information about your use of third-party apps and websites on your device to do this.

• For purposes made clear to you at the time you submit your Personal Information.

• As part of our efforts to keep our Websites secure. Our use of your Personal Information may be based on our legitimate interests to ensure network, information security, and business performance improvement. Our direct marketing purposes are based on your consent. We may also rely on our legitimate interests to improve business and marketing practices or contact you to offer similar Services or products that you may have bought from us (soft spam), requested a demo, or negotiated with us. Personal Information we collect directly from you as part of the administration of our Services We will use Personal Information for the following purposes:

• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us in relation to our Services (e.g., the Terms of Use).

• To provide you with support and to respond to your inquiries. If you share your Personal Information (including your name and contact information) to ask a question about our Services, we will use that Personal Information to investigate your concerns, respond to your inquiries and to monitor and improve our responses to your and other users inquiries in relation to our Services. It is our legitimate interest to provide you with high-quality support.

• To notify you about changes to our Services or any further product or service we offer or provide through our Services, including by sending you technical notices, notices about your account/subscription, including expiration and renewal notices, updates, security alerts and support and administrative messages, which we may send through an in-app or a push notification (you may opt-out of push notifications by changing the settings on your mobile device). It is our legitimate interest to keep you updated on your use of our Services.

• To monitor aggregated metrics such as total number of users, traffic, and demographic patterns. It is our legitimate interest to make aggregated analytics of our audience as it helps us understand our business metrics and improve our Services.

• To provide, improve, test, and monitor the effectiveness of our Services in an aggregated manner. It is our legitimate interest to make analytics of our audience as it helps us understand our product and business metrics.

• To provide personalized content and information to you in relation to our Services, which could include online ads or other forms of marketing. We do so upon your explicit consent (opt-in).

• Upon users’ consent (opt-in), for marketing purposes in order to find audiences similar to our users. For this processing we share, among others, users’ use details, device information, and in- app purchase details with our third-party advertising partners.

• Cookies: we use strictly necessary cookies and other trackers to provide authentication tools, enhance security, and prevent fraud. For more information about our use of cookies and other trackers visit the Cookie Policy.

• In any other way, as described in this Policy. We will not process your Personal Information in a way that is incompatible with the purposes for which it has been collected or authorized by you in accordance with this Section 4 or collect any Personal Information that is not required for the mentioned purposes (“purpose limitation principle”). For any new purpose of processing that is not compatible with any of the purposes mentioned above, we will ask for your separate explicit consent. To the extent necessary for any of the processing purposes, we take all reasonable steps to ensure that your Personal Information is reliable for its intended use, accurate, complete and current. We also undertake to collect only such amount and types of your Personal Information that are strictly required for the purposes mentioned in this Section 4 (“data minimization principle”).

Sharing and disclosure of Personal Information

We do not rent or sell your Personal Information, including audios, photos and videos, to any third parties outside GS.

Parties with whom we may share your Personal Information.

We may share your Personal Information and other collected information with third-party organizations such as contractors and service providers that we use to support our business who will act as data processors according to Article 28 of the GDPR. and who are bound by confidentiality and data protection terms (consistent with this Policy) to keep your Personal Information confidential and use it only based on our instructions (“Service Providers”). If we receive your Personal Information and subsequently transfer that information to a third-party agent or Service Provider for processing, we remain responsible for ensuring that such third-party agent or Service Provider processes your Personal Information to the standard required by the applicable privacy laws, including the GDPR, and CCPA. These transfers will typically be based on our legitimate interests.

Such Service Providers include:

• Cloud providers Google Cloud Platform,Amazon Web Services, Microsoft Azure which we use when you choose to upload your photos or videos to our Services, • Third-party analytics, as specified in this Policy

• Email delivery services, and

• Third-party advertising partners. Upon your consent, we send some of your Personal Information (e.g., your device information and details about your in-app purchases) for marketing and promotional purposes to our advertising partners (e.g., AppsFlyer, Meta). By these means, we are able to reach you and people like you on various platforms.

For the avoidance of doubt, we do not share or transfer your photos, videos and audios to third parties (except temporarily storing your photos, videos and audios to our cloud providers Google Cloud Platform and Amazon Web Services to provide online processing function, and thereafter deleting such photos, videos and audios as described in this Policy). We use only secure places of storage, such as Google Cloud Platform and Amazon Web Services.

What happens in the event of a change of control. If we sell or otherwise transfer part or the whole of GS or our assets to another organization (e.g., in the course of a transaction like a merger, divestiture, restructuring, reorganization, acquisition, bankruptcy, dissolution, liquidation), your Personal Information and any other collected information may be among the items sold or transferred.

Responding to legal requests and preventing harm. We may access, preserve and share your Personal Information in response to a legal (like a search warrant, court order or subpoena), government or regulatory request if we have a good faith belief that the law requires us to do so. This may include responding to legal, government or regulatory requests from jurisdictions where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: (i) detect, prevent and address fraud and other illegal activity; (ii) protect ourselves, you and others, including as part of investigations; and (iii) prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.

Protection of our company and others

We reserve the right to access, read, preserve, and disclose any Personal Information as necessary to i) comply with a law or a court order, ii) protect the rights, property, or safety of our employees, our users, or others.

Non-personal information

Non-personal information We may also share with third parties that provide services to us or perform business purposes for us aggregated, non-personally identifiable, or de-identified information.

Third-Party Content and Integrations

Our Services will be based on third-party contents generated by the Models. Hence, will be providing information to the third party as well as to us. We are not responsible for how those third parties collect or use your information. As always, we encourage you to review the privacy policies of every third-party service that you use, including those third parties you interact with through our Services.

International data transfer

GS does not process your Personal Information outside the US. As to the location of our servers, we use AWS servers located in the US. However, our third party AI Service Providers Servers may be located, stored and/or processed outside US countries.. We will always protect your Personal Information in accordance with this Policy wherever it is processed. We do not voluntarily or actively transfer or disclose your Personal Information to the government or law enforcement authorities (the “Authorities”) and/or otherwise grant any Authorities access to your Personal Information.

Treatment of Personal Information

We will treat your Personal Information according to correctness, lawfulness and in compliance with all the principles of Article 5 of the GDPR, and with the aid of electronic tools, and in compliance with Article 5 of this Policy. The analysis of your tastes and preferences which, subject to your previous consent, may be carried through profiling, will always involve a human intervention and will never take place exclusively in automated ways. We use appropriate technical, organizational, and administrative security measures to protect any Personal Information we store from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. No company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user’s Personal Information at any time. Among other practices, your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.

Data Retention

• Your Personal Information, other than photos, audios and videos. We store your Personal Information for different time periods depending on the category of Personal Information or you request us to delete your data (by contacting us at Some information may be deleted automatically based on specific schedules, such as marketing information. Other information e.g. account information, may be retained for a longer period of time unless you request us to delete your data (by contacting us Finally, we may further retain information for business practices based on our legitimate interests or legal purposes, such as network improvement, fraud prevention, record-keeping, or enforcing our legal rights. • Your original photos, videos and audios. We keep the prompts on our servers as long as they are necessary to give context to the Models and to allow them to perform the Tasks. After the Tasks have been completed, all the prompts are then deleted permanently from our servers. We inform you that, in case of revocation of your consent and, in any case, at the expiration of terms indicated above, we will erase or anonymize your Personal Information from our archives. We may retain your Personal Information in connection with your privacy-related requests and communications with us, if any, as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements. Even if we delete some or all of your Personal Information, we may continue to retain and use anonymized data previously collected that can no longer be used for personal identification.

What are your rights (data subject rights -DSR)

We want you to be in control of your Personal Information, so we provide you with the following tools:

You have the right to obtain from us the indication of: • the origin of the Personal Information; • the purpose and method of processing the Personal Information; • the logic applied in cases where processing is carried out with the aid of electronic instruments; • the identification of the Data Controller, and Data Processors; • the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as an appointed representative in the territory of the EEA or even in countries outside of the EEA where data is processed on our behalf. In particular, you have the right to obtain: • the access, the updating, rectification or, when it is the case, the integration of your Personal Information; • the cancellation, transformation into an anonymous format or restriction of data processing in case of a violation of the law, or when Personal Information retention is not necessary in relation to the purposes for which the Personal Information was collected or subsequently processed; • certification/declaration that the operations referred to in letters a) and b) above have been disclosed, also in reference to their content, of those to whom the data have been shared or disclosed, except in case where such fulfillment proves impossible or involves the use of means obviously disproportionate to the protected right; Furthermore: • you have the right to revoke the consent without prejudice to the lawfulness of the processing carried out based on the consent already given; • when applicable, you can also obtain a copy of your information in a portable format, so you can move it or store it wherever you want. • you can change your preferences with regards to the cookies and other trackers at any time by clicking on the persistent cookie icon at the bottom of the screen on our Website. Finally, you have the right to object, in whole or in part to the processing of your Personal Information: • for legitimate reasons, even when it is related to the purpose of the collection of your Personal Information; • in case of sending of advertising materials or direct sales or for carrying out market research or commercial communications; • anytime Personal Information is processed for direct marketing purposes, including profiling, to the extent that such activity is connected to direct marketing: • in case of automated decision making, if such a decision is based solely on automated processing and produces legal effects or significantly affects you. Because your privacy is important to us, we will ask you to verify your identity or provide additional information before we let you access or update your personal information. We may also reject your request to access or update your personal information for a number of reasons, including, for example, if the request risks the privacy of other users or is unlawful.

How you can exercise your rights

If you would like exercise the rights referred to in Article 15 to 22 of the GDPR, or the California Consumer Privacy Act (‘CCPA’) or Virginia, Colorado, Utah, and Connecticut you can send us an email to Our privacy team will examine your request and respond to you as quickly as possible and no longer than 30 days from the moment you exercise your right. Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual and may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We remind you that you have a right to lodge a complaint with a supervisory authority within EEA should you feel unsatisfied with our treatment of your Personal Information.

Specific geographies rights

Residents of California, Virginia, Colorado, Utah, and Connecticut may have statutory rights under state comprehensive privacy law including the rights specified below. You can exercise these rights by contacting us at • Right to request the categories of Personal Information collected about you. GS will provide, where relevant and required by law, the types of data we collect. • Right to request the categories of sources from which your Personal Information is collected. GS will provide, where relevant and required by law, the types of tools and organizations we use to collect data. • Right to request the business or commercial purpose for collecting your Personal Information. GS will provide, where relevant and required by law, the purposes to collect data. • Right to request the categories of third parties to whom Personal Information is disclosed, and the categories of Personal Information disclosed. GS will provide, where relevant and required by law, information regarding the other organizations that may receive your Personal Information. • Right to request the specific pieces of Personal Information collected about you. GS will provide, where relevant and required by law, your Personal Information. • Right to request that Personal Information collected about you be deleted. We may keep Personal Information for legal reasons but will accommodate deletion requests when required. Please be aware that erasing some Personal Information may affect your ability to use our Services. • Request that your inaccurate Personal Information be corrected. If you believe your Personal Information is not correct you may provide Personal Information to replace the erroneous data. • Request that GS does not sell or share your Personal Information. Each state may interpret a “sale” of Personal Information differently, however, if you are a resident of the states above or Nevada and request that your Personal Information not be sold GS will honor that request. Individuals in California may request their information not be shared with any third party. • Right to non-discrimination. GS will not discriminate against you (e.g., through denying goods or services or providing a different level or quality of goods o/r services) for exercising any of the rights afforded to you. • California and Delaware “Do Not Track” disclosures. California and Delaware law require GS to indicate whether it honors your browser’s “Do Not Track” settings concerning targeted advertising. GS adheres to the standards set out in this Policy and does not monitor or respond to Do Not Track browser requests.

Please keep in mind that in case of a vague request to exercise any of the aforementioned right we may engage with you in a dialogue to ask for more details if so needed to complete your request. In case this is impossible, we reserve the right to refuse granting your request.

Following the provisions of the applicable law, we might also ask you to prove your identity (for example, by requesting your user or some other proof of your identity) in order for you to invoke the mentioned rights. This is made to ensure that no right of third parties is violated by your request, and the mentioned rights are exercised by an actual Personal Information subject or an authorized person.

Opting Out of Promotional Emails

IF REQUIRED BY LAW, WE WILL ASK FOR YOUR CONSENT TO SEND YOU PROMOTIONAL AND MARKETING EMAILS. IF YOU WISH TO OPT-OUT OF OUR PROMOTIONAL AND MARKETING EMAILS, YOU CAN OPT-OUT FROM OUR PROMOTIONAL AND MARKETING EMAIL LIST BY USING ANY OF THE FOLLOWING METHODS: • by following the opt-out links in any marketing email sent to you; or through our Services settings on your mobile device; or • by contacting us at any time using the contact details above


Our services are not intended for — and we don’t direct them to — anyone under 13. And that’s why we do not knowingly collect Personal Information from anyone under 13. If you are under 13, do not: (i) use or provide any information to our Services or through any of its features, or (ii) provide any information about yourself to us, including your name, address, telephone number or email address. In the event that we learn that we have collected or received any Personal Information from a child under 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe we might have any information from or about a child under 13, please contact us. . Age limitation for EEA residents. Due to requirements of the GDPR, you shall be at least 16 years old in order to use our Services. To the extent prohibited by applicable law, we do not allow use of our Services by the EEA residents younger than 16 years old. If you are aware of anyone younger than 16 using our Services, please contact us.

Linked websites

For your convenience, hyperlinks may be posted on the Services that links to other websites (the “Linked Sites”). We are not responsible for, and this Policy does not apply to, the privacy practices of any Linked Sites or of any companies that we do not own or control. Linked Sites may collect information in addition to that which we collect through our services. We do not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read each Linked Site’s privacy notice to understand how the Personal Information about you is used and protected.

Revisions to the Privacy Policy

The date this Policy was last revised is indicated at the top of the page. The GS may modify or update this Policy from time to time. Some changes do not require your consent: for example, when we add a new purpose of processing that is compatible with the existing purposes, or the new processing activity that falls under the users’ reasonable expectation. However, if the changes made may pose risk to your rights and freedoms (e.g., by including a new purpose of the processing that is not compatible with the existing purposes of processing, a new legal basis, a new category of personal data to be collected or a new data subject, all of which are not reasonably expected by the users, we will ask for your consent to those changes separately from this Policy. If you did not receive a request for your consent to the changes or refused to give consent, those changes will not apply to you. That fact can negatively affect some of our Services provided to you in case those services inevitably include consent to the changes.

Contact us

General contact details. If you have any questions about this Privacy Policy or GS, please contact us via email at or our mailing address:

Generatech Studio
8 The Green Ste, Dover
Delaware, US, 19901

Controller’s Contact Information: