Legal / EU, US Data Privacy Framework
Our approach to transatlantic data transfers under the Data Privacy Framework.
This page describes MyChatBot’s approach to transatlantic data transfers under the EU, US Data Privacy Framework, the UK Extension, and the Swiss, US Data Privacy Framework (together, the “DPF”).
Where MyChatBot relies on the DPF, we commit to handle personal data received from the EEA, the UK, and Switzerland in accordance with the DPF Principles, including notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement, and liability.
This commitment covers personal data we receive in reliance on the DPF in connection with the Service. Where the DPF does not apply or is not available, we rely on the Standard Contractual Clauses and other lawful transfer mechanisms described in our DPA.
When we transfer DPF-covered data to subprocessors, we require them to provide at least the same level of protection as the DPF Principles, and we remain accountable if they process the data in a manner inconsistent with those Principles, unless we prove we are not responsible for the event giving rise to the harm.
Individuals may raise a complaint by contacting team@mychatbot.app. We will investigate and respond. Where a complaint cannot be resolved directly, an independent recourse mechanism and, where applicable, binding arbitration may be available, and the relevant data-protection authorities retain enforcement powers.