Satofy ("we", "us", "our") is an AI-powered e-commerce chat service operated by an individual entrepreneur registered in the Republic of Estonia. Contact: saatohq@gmail.com. As a service offered to businesses within the European Economic Area (EEA), we act as a data processor on behalf of our merchant clients (controllers) and as a data controller with respect to our own operational data.
We process personal data in accordance with:
3a. Merchant (business customer) data: name, email address, company name, store URL, billing information (processed via third-party payment provider). Legal basis: Art. 6(1)(b) GDPR — performance of a contract.
3b. End-user (store visitor) data: chat messages, approximate session language, inferred intent, and anonymous satisfaction ratings (thumbs up/down). This data is processed on behalf of the merchant. No persistent user profiles are created. Session identifiers are random strings stored only in the visitor's sessionStorage — not cookies — and are not linked to any real-world identity. Legal basis: Art. 6(1)(f) GDPR — legitimate interests of the merchant in providing and improving customer support.
3c. Operational data: server logs (IP address, request time, user-agent), necessary for security, rate-limiting, and service integrity. Retained for 30 days. Legal basis: Art. 6(1)(f) GDPR.
3d. Cookies & Storage: We use strictly necessary session storage (sessionStorage) to maintain chat session continuity during a single browser session. No tracking, advertising, or analytics cookies are set without explicit consent. No persistent first-party cookies are required for core functionality. No cookie consent is required for strictly necessary storage per ePrivacy Directive recital 66.
We use the following sub-processors, each bound by GDPR-compliant data processing agreements (DPAs):
No personal data is sold to third parties. No data is transferred to third countries without appropriate safeguards (Standard Contractual Clauses, Art. 46 GDPR).
You have the right to: access your data; rectify inaccurate data; erasure ("right to be forgotten"); restriction of processing; data portability; object to processing; and not to be subject to solely automated decision-making with legal effects. To exercise any right, contact saatohq@gmail.com. We will respond within 30 days. You may also lodge a complaint with the Estonian Data Protection Inspectorate (aki.ee) or your local supervisory authority.
Satofy is classified as a micro-enterprise under the DSA (Regulation (EU) 2022/2065) and qualifies for exemptions applicable to platforms with fewer than 45 million monthly active users in the EU. We do not operate recommender systems or display advertising. Single point of contact for DSA-related communications: saatohq@gmail.com.
Chat responses displayed through Satofy-powered widgets are generated by an artificial intelligence language model (Google Gemini). Satofy and its merchant clients are not responsible for any inaccuracies, omissions, or errors in AI-generated content. End users should independently verify any information that may affect purchasing or other decisions.
We implement appropriate technical and organisational measures (Art. 32 GDPR), including TLS encryption in transit, database-level encryption at rest, access controls, and periodic security reviews. In the event of a data breach, we will notify affected parties and the relevant supervisory authority within 72 hours in accordance with Art. 33–34 GDPR.
We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered merchants at least 30 days before taking effect. Continued use of the service after notification constitutes acceptance of the updated policy.
These Terms of Service ("Terms") constitute a legally binding agreement between you ("Merchant", "you") and Satofy ("Service Provider", "we"), governing your access to and use of the Satofy AI chat widget platform ("Service"). By registering, accessing, or using the Service, you agree to these Terms in full. If you do not agree, you must not use the Service.
Satofy provides a software-as-a-service (SaaS) AI-powered chat widget that Merchants may embed on their e-commerce websites. The Service includes product synchronisation, AI-generated chat responses, lead capture, and analytics features as described on the Satofy website and subject to the selected subscription plan.
3.1 Access to the Service requires a paid subscription (or free trial where offered). Prices are listed in EUR excluding VAT (where applicable under Estonian/EU VAT rules). 3.2 Subscriptions are billed monthly or annually in advance. Annual subscriptions are non-refundable except as required by mandatory consumer protection law. 3.3 You may cancel your subscription at any time from your dashboard. Cancellation takes effect at the end of the current billing period. 3.4 We reserve the right to adjust pricing with 30 days' written notice. Continued use after the notice period constitutes acceptance.
4.1 You agree not to use the Service to: (a) violate any applicable law or regulation; (b) infringe any third-party intellectual property rights; (c) transmit spam, malware, or harmful content; (d) engage in deceptive, fraudulent, or misleading practices toward end users; (e) attempt to reverse-engineer, scrape, or disrupt the Service; (f) resell or sub-license the Service without prior written consent.
4.2 Fair Use Policy: Subscriptions labelled "Unlimited" or "Enterprise" are subject to a Fair Use Policy. Satofy reserves the right to temporarily suspend or renegotiate the terms of any account if usage significantly exceeds reasonable commercial norms or imposes an undue technical burden on our infrastructure.
5.1 You are solely responsible for the accuracy and legality of the product data, knowledge base content, and any other information you sync or upload to the Service.
5.2 You are solely responsible for obtaining any necessary consents from your end users for the deployment of the Satofy widget on your website, including compliance with the ePrivacy Directive, GDPR, and any other applicable law in your jurisdiction. Satofy is not responsible for your compliance obligations as a data controller.
5.3 You must maintain the confidentiality of your account credentials and immediately notify us of any unauthorised access.
5.4 You are responsible for reviewing AI-generated responses served by the widget and ensuring they accurately represent your business. Satofy is not liable for any loss arising from inaccurate AI outputs displayed to your customers.
Nothing in these Terms shall limit or exclude liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be limited or excluded under applicable mandatory law (including Estonian Law of Obligations Act — võlaõigusseadus).
7.1 Satofy and its licensors retain all intellectual property rights in the Service, including software, designs, trademarks, and documentation. These Terms do not grant you any ownership rights. 7.2 You grant Satofy a limited, non-exclusive licence to process, store, and transmit your content solely for the purpose of providing the Service. 7.3 Aggregated, anonymised usage statistics may be used by Satofy for service improvement without restriction.
To the extent that Satofy processes personal data of your end users on your behalf, Satofy acts as a data processor and you act as the data controller under GDPR. By accepting these Terms, you agree to the Satofy DPA. A full copy of the DPA is available upon request at saatohq@gmail.com. You warrant that you have a lawful basis for instructing Satofy to process such data.
9.1 We may suspend or terminate your access to the Service immediately, without liability, if: (a) you breach any provision of these Terms; (b) payment fails and is not remedied within 7 days of notice; (c) we are required to do so by law or order of a competent authority. 9.2 Upon termination, your right to use the Service ceases immediately. We will retain your data for 30 days following termination, after which it will be permanently deleted, unless required to be retained by law.
Satofy targets a monthly uptime of 99.5% but does not guarantee any specific service level unless a separate SLA is agreed in writing (available on Enterprise plans). Scheduled maintenance will be communicated with at least 24 hours' notice where practicable.
These Terms are governed by and construed in accordance with the laws of the Republic of Estonia, without regard to conflict of law principles. Any disputes shall be submitted to the exclusive jurisdiction of the Harju County Court (Harju Maakohus), Tallinn, Estonia, subject to your right to bring consumer protection claims in your country of residence if you are a consumer within the EU. For business-to-business disputes, the parties agree to attempt resolution through good-faith negotiation for a period of 30 days before commencing legal proceedings.
If you are a consumer within the European Union, you may have additional rights under EU consumer protection legislation, including Directive 2011/83/EU. The 14-day withdrawal right does not apply once digital content delivery has commenced with your consent and acknowledgment that the right is thereby waived, per Art. 16(m).
We may modify these Terms at any time. We will provide at least 30 days' notice of material changes via email or in-app notification. Continued use of the Service after the effective date constitutes acceptance. If you do not agree to the revised Terms, you may terminate your subscription before the effective date.
14.1 Severability: If any provision is found unenforceable, the remaining provisions remain in full force. 14.2 Waiver: Failure to enforce any provision does not constitute a waiver. 14.3 Entire Agreement: These Terms, together with the Privacy Policy and any applicable DPA, constitute the entire agreement between the parties. 14.4 Language: The authoritative version of these Terms is in English.