Effective Date: February 24th of 2026
Version: 2.0
ChemHazAI ("we," "our," "us") is committed to protecting your privacy and ensuring compliance with applicable data protection laws, including any relevant data protection regulations. This Privacy and Data Protection Policy outlines how we collect, use, share, and protect your personal data when you interact with our services, including our website, CRM services, and any other products or services provided by ChemHazAI.
1. Data Controller
ChemHazAI is the data controller responsible for the processing of personal data described in this policy. For privacy and security reasons, all official correspondence should be directed to our compliance department via email or to our designated EU Representative as listed in Section 1.1.
1.1 European Union Representative: As ChemHazAI is a non-EU based entity providing services to corporate clients within the European Union, we have appointed a representative in the Union to act as a point of contact for data subjects and supervisory authorities, pursuant to Article 27 of the GDPR.
You may reach our EU Representative regarding any data protection inquiries at:
Entity: ChemHazAI (EU Privacy Dept.)
Address: Juhkentali 8, Tallinn 10132, Estonia
Email: eu-rep@chemhazai.com
Our representative is authorized to represent ChemHazAI regarding our obligations under the GDPR.
2. Data We Collect
We collect personal data exclusively in a Business-to-Business (B2B) context. This includes professional contact details (name, business email, job title) of representatives from our corporate clients and prospects. We do not knowingly collect personal data from individual consumers or minors:
Personal Identification Information: Name, email address, mailing address, phone number.
Professional Information: Company name, job title, industry.
Technical Data: IP address, browser type, operating system, device identifiers, and other technical data collected via cookies or similar technologies.
Usage Data: Information about how you interact with our services, such as website visits, product interactions, and preferences.
Communication Data: Correspondence through email, chat, or other communication channels.
3. Legal Basis for Data Processing
We process personal data under the following legal bases:
Consent: Where you have provided explicit consent for us to process your data (e.g., subscription to our newsletter or direct inquiries).
Contractual Necessity: When the processing is necessary to fulfill a contract or to take steps at your request prior to entering into a contract.
Legal Obligation: Where we are legally required to process the data (e.g., compliance with tax laws, data retention obligations).
Legitimate Interests: When processing is necessary for the purposes of legitimate interests pursued by ChemHazAI, except where such interests are overridden by your fundamental rights and freedoms.
4. How We Use Your Data
Your personal data will be used for the following purposes:
Provision of Services: To provide, operate, and maintain our services, including customer support.
CRM Management: manage our customer relationships and communications.
Marketing and Communication: To send you marketing communications, newsletters, and promotional offers, provided you have consented to receiving such communications.
Analytics and Performance Monitoring: To analyze traffic and user behavior on our website and improve our services.
Compliance: To comply with legal obligations and respond to lawful requests from public authorities.
5. Data Sharing and International Transfers
We may share your personal data with third-party service providers for business purposes, such as data hosting or CRM services. These third-party providers are contractually obligated to protect your personal data and only process it on our behalf, following our instructions.
For international data transfers from the EEA to countries not deemed adequate by the European Commission (such as the United States), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission. Additionally, we conduct Transfer Impact Assessments (TIAs) to ensure that the laws of the recipient country provide a level of protection essentially equivalent to that of the European Union. We implement supplementary technical measures, including encryption and strict access controls, to safeguard your data during transit and storage.
5.1 AI Infrastructure and Data Sub-processing: To provide our AI-driven services, we utilize specialized third-party infrastructure providers who act as sub-processors under strict confidentiality and data protection obligations. In accordance with our Data Protection Addendum (DPA) with these providers:
6. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, or as otherwise permitted by applicable law. Specific retention periods vary depending on the nature of the data and the reason for its collection.
7. Your Rights
Under applicable data protection laws, you have the following rights regarding your personal data:
Right to Access: You may request information about the personal data we hold about you.
Right to Rectification: You may request the correction of inaccurate or incomplete data.
Right to Erasure: You may request the deletion of your personal data under certain circumstances.
Right to Object: You may object to the processing of your personal data based on legitimate interests.
Right to Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format.
Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time.
United States State Privacy Rights: Depending on your state of residence (e.g., Florida, California, Virginia), you may have additional rights regarding your professional personal data, including:
To exercise any of these rights, please contact us at compliance@chemhazai.com or eu-rep@chemhazai.com for companies based on the European Union.
8. Data Security
We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, loss, or disclosure. These include encryption, access controls, and regular security audits.
While we strive to protect your data, no security system is completely foolproof. Therefore, we cannot guarantee the absolute security of your data, especially in cases of malicious actions by third parties.
9. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance user experience, analyze performance, and deliver targeted advertisements. You can manage your cookie preferences through your browser settings.
For detailed information on how we use cookies, please refer to our Cookie Policy.
10. Children’s Privacy
Our services are not intended for individuals under the age of 18, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child without parental consent, we will delete such data promptly.
11. Changes to this Policy
We may update this Privacy and Data Protection Policy from time to time to reflect changes in our practices or relevant legal requirements. Any updates will be posted on this page with the revised date. We encourage you to review this page periodically to stay informed of our data protection practices.
12. Contact Information
If you have any questions, concerns, or requests regarding this Privacy and Data Protection Policy or how we handle your personal data, please contact us at:
ChemHazAI
Email: compliance@chemhazai.com
By using our services, you acknowledge and agree to the terms outlined in this policy.