CometChat, Inc. and its affiliates (“CometChat” “we,” “us,” or “our”) respect your privacy. This Privacy Policy describes the processing of Personal Information (defined below) that is provided, collected, or shared on the sites, applications, social media pages, or other platforms that link to this Privacy Policy (collectively, the “Site”). It also describes your choices about the collection, sharing, and use of your Personal Information.
CometChat acts as a data controller in respect of Personal Information collected directly through the Site, and as a processor of Personal Information on behalf of its customers when operating its communication platform services. As such, this Privacy Policy does not apply to the Personal Information collected by our customers. Our customers are responsible for deciding how their data is used, so please see their applicable privacy policy for more information.
This Privacy Policy was last updated on July 8th, 2026. We will notify you of material changes in advance of their effective date (see Section 17).
1. Personal Information We Collect
We may collect a range of Personal Information. “Personal Information” means information that uniquely identifies, relates to, describes, or is reasonably capable of being associated with or linked to you.
The types of Personal Information we collect may include:
Contact Information
If you submit an inquiry, register for an account, or provide information on our Site, we may collect your contact information. This may include your name, email address, demographic information, and phone number.
Financial Information
If you make any purchases through our Site, we will collect your financial information, including your name and payment information.
Location Data
While navigating our Site your mobile device or browser may share your location data, both through WiFi and GPS. We will collect this information based on the settings of your phone and browser.
Usage Information
When you use our Site, our servers may automatically record information, including your Internet Protocol address (“IP Address”), browser type, referring URLs (e.g., the site you visited before coming to our Site), domain names associated with your internet service provider, information on your interaction with the Site, and other such information.
Employment Information
If you apply for employment, we will collect your employment and work history, as well as other Personal Information related to your potential employment. This may include your education and employment history, address and contact information, demographic information, and any other information included in your resume or application.
Communication Information
We may collect audio, electronic, or visual information, which includes screen sharing views; any data in any files uploaded, emailed or otherwise provided by or made available by you; the contents of your communications with us, whether via e-mail, social media, telephone or otherwise, and inferences we may make from other Personal Information we collect.
2. How We Collect Your Personal Information
We May Collect Your Personal Information Directly From You –
For example, if you register for an account on the Site, or request or purchase products, services, or information from us.
We May Also Collect Personal Information From Third Parties
For example, we may work with business partners, subcontractors, advertising networks, analytics providers, and search information providers, who may provide us with Personal Information about you.
Through Online Tracking Technologies
We and our service providers may use cookies, device identifiers, and similar technologies such as pixels, web beacons, and local storage to collect usage and browser information about how you use the Site. We process the information collected through such technologies, which may include or be combined with Personal Information, to help operate certain features of the Site, to enhance your experience through personalization, and to help us better understand the features of the Site that you and other users are most interested in.
The use of such tracking information by a third party depends on the Privacy Policy of that third party. We have implemented support for Global Privacy Control (GPC) signals as part of our ongoing privacy programme. GPC signals will be honoured as valid opt-out requests where required by applicable law. For details on managing your cookie preferences, see Section 5.
Through Analytics
We use analytics services, including Google Analytics, to assist us with analyzing our website traffic through cookies and similar technologies. For more information on Google Analytics’ processing of your Personal Information, please see https://policies.google.com/technologies/partner-sites?hl=en-US. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
3. How We Use Personal Information
To the extent permitted by applicable law, we may use Personal Information to:
Operate the Site and provide support to our business functions;
Fulfill customer requests, such as to create an account or complete customer purchases;
Protect against criminal activity, claims and other liabilities;
Send you information about our company, products, services, and promotions;
Respond to reviews, comments, or other feedback provided to us;
Support and personalize the Site and our advertising efforts;
Protect the security and integrity of the Site;
Provide customer support;
The extent required for benchmarking, data analysis, audits, developing new products, enhancing the Site, facilitating product, software and applications development, improving the Site or our services, conducting research, analysis, studies or surveys, identifying usage trends, as well as for other analytics purposes;
Meet our contractual requirements;
Comply with applicable legal or regulatory requirements and our policies;
Respond to inquiries related to employment opportunities;
Market, advertise, and provide the Site and our services; and
The extent necessary for any other lawful purpose for which the Personal Information is collected.
For individuals in the EU and UK: the GDPR lawful basis applicable to each of the above purposes is set out in Section 13A below.
4. Sharing of Personal Information
We may share your Personal Information in the following circumstances:
To Third Parties for Marketing Purposes
We may share your Personal Information with third parties for their marketing purposes. This may include third parties whose services we believe you may be interested, or who are interested in providing you with services.
We may share your Personal Information with third parties for their marketing purposes. This may include third parties whose services we believe you may be interested in, or who are interested in providing you with services. We will only share your Personal Information for third-party marketing purposes where we have your prior consent, or where permitted by applicable law
For Legal Obligation or Safety Reasons
When we have a good faith belief that access, use, preservation or disclosure of Personal Information is reasonably necessary to (a) satisfy or comply with any requirement of law, regulation, legal process, or enforceable governmental request, (b) enforce or investigate a potential violation of the Terms of Use, (c) detect, prevent, or otherwise respond to fraud, security or technical concerns, (d) support auditing and compliance functions, or (e) protect the rights, property, or safety of CometChat, its users, or the public against harm.
In the Case of a Merger or Sale
If and when we are involved in a merger, acquisition, or any form of transfer or sale of some or all of its business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. Personal Information may be transferred along with the business. Where legally required we will give you prior notice and if you have a legal right to do so, an opportunity to object to this transfer.
To Service Providers
When we hire a service provider to help operate the Site or our business, we may give access to Personal Information as necessary to perform the service for CometChat. This may include service providers that operate our Site, send our communications, or run our promotions. All service providers who process Personal Information on our behalf are bound by data processing agreements requiring them to implement appropriate technical and organisational measures and to process data only on our documented instructions.
To Business Partners
We may share Personal Information with our trusted business partners. For example, we may share your Personal Information with a company when we co-sponsor a promotion or service. These partners and affiliates may use your Personal Information to, among other things, send you information or contact you about their services and products.
5. Cookies and Other Technologies
We collect information about users over time through the Services by using several common types of cookies and other tracking technologies including log files, pixel tags, web bugs, web beacons, clear GIFs, Local Storage Objects (LSOs) such as HTML5 or other similar technologies to collect information about the ways you interact with and use the Services, to support and enhance features and functionality, to monitor performance, to personalize content and experiences, for marketing and analytics, and for other lawful purposes. We may also permit third parties that collect information in this way on our behalf and for their own purposes. Cookies are small files that download when you access certain websites. For more information about cookies visit: http://www.allaboutcookies.org/.
To assist us with analyzing our website traffic through cookies and similar technologies, we use analytics services such as Google Analytics. For more information on Google Analytics’ processing of your information, please see “How Google uses information from sites or apps that use our services.” You can opt out of Google Analytics by installing Google’s opt-out browser add-on.
These cookies may be placed by us (first-party) or by a third party. These cookies may also be Flash Cookies. To learn how to manage privacy and storage settings for Flash cookies click here. We may use cookies that are session-based or persistent. Session cookies expire when you close your browser or turn off your device. Persistent cookies remain on your device after you close your browser or turn off device. Where required by law (including for users in the EU, UK, and states requiring consent-based cookie practices), we obtain your consent before placing non-essential cookies. You may withdraw your consent at any time through our cookie preferences settings on the Site.
We may use a variety of cookies:
Type of Cookies
Description
Required
Required cookies are essential for the operation of the Services. They include, for example, cookies that allow you to access and use secure areas of the Services.
Performance
These cookies collect information about how you use the Services, including which pages you go to most often and if they receive error messages from certain pages. The information collected by these cookies is only used to improve how the Services function and perform.
Functionality
Functionality cookies allow the Services to remember information you have entered or choices you make (such as your username, language, or your region) and provide enhanced, more personal features. These cookies also enable you to optimize your use of the Services after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.
Targeting or Advertising
From time-to-time, we may engage third parties to track and analyze usage and volume statistical information from individuals who visit the Services. We sometimes use cookies delivered by third parties to track the performance of our advertisements. For example, these cookies remember which browsers have visited the Services. The information provided to third parties does not include personal information, but this information may be re-associated with personal information after we receive it.
By way of example, as you visit the Services, advertising cookies may be placed on your computer so that we can understand what you are interested in. Our advertising partners then enable us to present you with retargeted advertising on other sites based on your previous interaction with the Services.
Third parties, with whom we partner to provide certain features on the Services or to display advertising based upon your web browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored.
Most internet browsers accept cookies by default. You can accept, or block cookies by activating the setting on your browser that allows you to reject all or some cookies, or by changing your cookie preferences via the Services. The help and support area on your internet browser should have instructions on how to block or delete cookies. Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you to when a cookie is placed on your computer, tablet or mobile device. Although you are not required to accept cookies, if you block or reject them, you may not have access to all of the features available through the Services.
Cookie settings in Safari web and iOS.
To find out more on how to manage and delete cookies, visit aboutcookies.org. For more details on your choices regarding use of your web browsing activity for interest-based advertising you may visit the following sites:
We honour browser-level Global Privacy Control (GPC) signals as opt-out requests where required by applicable law. To enable GPC, visit globalprivacycontrol.org for browser specific setup instructions.
To find out more on how to manage and delete cookies, visit aboutcookies.org.
6. How Long Do We Keep Your Personal Information
We will retain your Personal Information for as long as necessary to fulfill the purposes for which it has been collected, as outlined in this Privacy Policy, or any longer retention period required by law.
The criteria we use to determine how long we retain Personal Information include:
the nature and sensitivity of the Personal Information;
the purposes for which it was collected;
applicable legal, regulatory, and statutory retention obligations;
and the potential risk of harm from unauthorised use or disclosure.
For questions about how long we hold your Personal Information, please contact us at privacy@cometchat.com.
7. How We Protect Your Personal Information
We implement appropriate technical and organisational measures to protect Personal Information against unauthorised access, alteration, disclosure, or destruction. These measures include:
Encryption in transit: all data transmitted between your browser and our services uses TLS 1.2 or higher (HTTPS/HSTS enforced).
Encryption at rest: all stored Personal Information is encrypted using AES-256-bit encryption.
Access controls: access to Personal Information is restricted on a least-privilege basis, with multi-factor authentication (MFA) required for all accounts with access to production systems.
Security certifications: CometChat holds ISO 27001:2022 certification and SOC 2 Type II attestation, independently audited on an annual basis.
Incident response: we maintain a formal Incident Response Policy and a cross-functional Incident Response Team. In the event of a personal data breach, we will notify affected individuals and relevant supervisory authorities within the timelines required by applicable law..
8. Your Choices and Controls
The rights and controls described in this section apply to individuals whose Personal Information CometChat processes as a data controller, including visitors to this Site and CometChat dashboard users. If you are an end user of a service or application built by one of CometChat’s customers, your data rights and privacy controls should be directed to that customer as the data controller. Please refer to their applicable privacy policy.
Depending on where you live, you have the right to exercise certain controls and choices regarding our collection, use, and sharing of your Personal Information. To exercise any of the rights described in this section, please contact us at privacy@cometchat.com.
A. Marketing opt-out
To opt-out of marketing communications please email us or follow the instructions included in the email or text correspondence. Please note that, even if you unsubscribe from certain correspondence, we may still need to contact you with important transactional or administrative information, as permitted by law. Additionally, if you withdraw your consent or object to processing, or if you choose not to provide certain Personal Information, we may be unable to provide some or all of our services to you.
B. Data subject and consumer rights requests (access, deletion, correction, portability)
To exercise your privacy rights including rights of access, erasure, correction, portability, or restriction of processing, please submit a request by emailing us. We will respond within the timeframe required by applicable law.
C. Opt-out of sharing
CometChat does not sell your Personal Information. You have the right to opt out of the sharing of your Personal Information, including for cross-context behavioural advertising. This is handled through a process that does not require identity verification. Depending on your location, you may opt out using the relevant option in our cookie/privacy preferences banner, or by enabling a Global Privacy Control (GPC) signal in your browser.
D. Appeals
If you are not satisfied with the resolution of your request and would like to submit an appeal, please email us with the subject line ‘Privacy Request Appeal’. For further escalation after an appeal, see Section 14. Please note that, even if you unsubscribe from certain correspondence, we may still need to contact you with important transactional or administrative information, as permitted by law. Additionally, if you withdraw your consent or object to processing, or if you choose not to provide certain Personal Information, we may be unable to provide some or all of our services to you.
9. International use of the Site
This Site is hosted in the United States. If you are visiting this Site from outside of the United States, please note that by providing your Personal Information it is being transferred to, stored, collected, or processed in the United States, where our data center and servers are located and operated. For individuals in the EU and UK, the legal mechanisms we rely on to transfer your Personal Information to the United States are set out in Section 13A.
10. Children’s privacy
We do not knowingly collect or solicit any Personal Information from minors under the age of 16. In the event that we learn that we have collected Personal Information from a minor, we will promptly take steps to delete that information. If you are a parent or legal guardian and think your child has given us their Personal Information, you can email us at privacy@cometchat.com or contact us using the information listed in Section 18.
CometChat provides communication infrastructure to business customers who build their own services and applications. CometChat’s customers, as data controllers and operators of their own platforms, are responsible for ensuring their services comply with all applicable laws protecting minors.
If CometChat becomes aware that a customer is using the platform in a manner involving children’s data without the required agreement, CometChat will take appropriate action including requiring remediation or suspending access to the service.
11. Links to third-party websites
We are not responsible for the practices employed by any websites or services linked to or from the Site, including the information or content contained within them. We encourage you to investigate and ask questions before disclosing Personal Information to third parties, since any Personal Information disclosed will be subject to the applicable third party’s privacy policy.
12. California residents
This Section applies to our collection and use of “Personal Information” if you are a resident of California, as required by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, and their implementing regulations (collectively, the “CCPA/CPRA”). This Section describes (A) the categories of Personal Information, collected and disclosed by us, subject to CCPA/CPRA, (B) your privacy rights under CCPA/CPRA, and (C) how to exercise your rights, (D) Complaints
When we use the term “Personal Information” in the context of the CCPA/CPRA, we mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household.
If you would like to receive a copy of this Section in an alternate format (e.g., printable) or language, please contact us using the information provided in Section 18.
A. Categories of Personal Information Collected, Used, and Shared
In accordance with California law, we may have collected and shared the following categories of Personal Information within the past 12 months:
Identifiers
A real name, Internet Protocol address, email address, and online identifiers.
Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
e.g., a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.
Internet or other similar network activity
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Geolocation data
Physical location or movements.
Protected classification characteristics under California or federal law
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Professional or employment-related information
Current or past job history or performance evaluations.
Sensitive personal information
Certain categories of Personal Information we collect are classified as “Sensitive Personal Information” (“SPI”) under the CCPA/CPRA, including but not limited to: account log-in credentials combined with security codes or passwords; financial account, debit card, or credit card numbers with required access credentials; precise geolocation data; and Personal Information collected from individuals we know to be under the age of 16. We process SPI only for the purposes disclosed or as otherwise permitted by law. You have the right to direct us to limit our use and disclosure of your SPI (see Section B below).
We share each of these categories of Personal Information with our service providers to the extent necessary for them to facilitate our business purposes. We also share this Personal Information for the purposes set forth in Section 4 above.
B. Your California privacy rights
If you are a resident of California, you may have the following rights:
Privacy Right
Description
Notice
The right to be notified of what categories of Personal Information will be collected at or before the point of collection and the purposes for which they will be used and shared.
Access
The right to request the categories of Personal Information that we collected in the previous twelve (12) months (or historical records going back to January 2022 or further, per CCPA/CPRA 2026 regulations), the categories of sources from which the Personal Information was collected, the specific pieces of Personal Information we have collected about you, and the business purposes for which such Personal Information is collected and shared. You may also have the right to request the categories of Personal Information which were disclosed for business purposes, and the categories of third parties in the twelve (12) months preceding your request for your Personal Information.
Data Portability
The right to receive the Personal Information you have previously provided to us.
Erasure
The right to have your Personal Information deleted. However, please be aware that we may not fulfill your request for deletion if we (or our service provider(s)) are required or permitted to retain your Personal Information for one or more of the following categories of purposes: (1) to complete a transaction for which the Personal Information was collected, provide a good or service requested by you, or complete a contract between us and you; (2) to ensure our website integrity, security, and functionality; (3) to comply with applicable law or a legal obligation, or exercise rights under the law (including free speech rights); or (4) to otherwise use your Personal Information internally, in a lawful manner that is compatible with the context in which you provided it.
Correction
The right to request correction of inaccurate Personal Information we hold about you. We will use commercially reasonable efforts to correct such information upon verification of your identity, subject to applicable legal requirements.
Limit use of sensitive personal information
The right to direct us to limit our use and disclosure of your Sensitive Personal Information to purposes necessary to provide our services, or as otherwise permitted by the CCPA/CPRA. A “Limit the Use of My Sensitive Personal Information” or “Your Privacy Choices” link will be available on our website where applicable.
To Opt Out of sharing
The right to opt out of sharing your Personal Information (including for cross-context behavioral advertising). We recognise browser-based Global Privacy Control (GPC) signals as valid opt-out requests. We also have an opt-out toggle present on the cookie/preferences banner to do the same.
Automated decision-making
The right to receive notice of, access information about, and opt out of our use of automated decision-making technology (ADMT) for significant decisions producing legal or similarly significant effects. Where applicable, a pre-use notice will be provided before such processing begins.
Non-discrimination
You have the right not to receive discriminatory treatment when exercising your California privacy rights. We will not deny goods or services, charge different prices, or provide a different quality of service because you exercised your CCPA/CPRA rights.
C. How to exercise your rights
If you would like to exercise your rights listed above, please send (or have your authorized agent send) an email to privacy@cometchat.com. Please note: you will not be discriminated against in any way by virtue of your exercise of the rights listed above, which means we will not deny goods or services to you, provide different prices or rates for goods or services to you, or provide a different level or quality of goods or services to you.
We must verify your identity before fulfilling your requests. If we cannot initially verify your identity, we may request additional information to complete the verification process. Any Personal Information you disclose to us for purposes of verifying your identity will solely be used for the purpose of verification. If you are an authorized agent making a request on behalf of a California consumer, we will also need to verify your identity, which may require proof of your written authorization or evidence of a power of attorney.
We may deny certain requests, or only fulfill some in part, as permitted or required by law. For example, if you request to delete Personal Information, we may retain Personal Information that we need to retain for legal purposes (e.g., tax accounting).
D. Complaints
The CCPA/CPRA gives California consumers the right to lodge a complaint with the California Privacy Protection Agency (CalPrivacy), CalPrivacy may be contacted at privacy.ca.gov.
The Attorney General’s office may be contacted at https://oag.ca.gov/contact/consumer-complaint-against-business-or-company or by telephone at: (916) 210-6276.
13. Information for Individuals in the EU and UK
In accordance with European and UK law (collectively, the “GDPR”), individuals in the EU and UK may have additional rights relating to the collection and processing of Personal Information.
This section applies to individuals in the EU and UK whose Personal Information CometChat processes as a data controller, including visitors to this Site and CometChat dashboard users. If you are an end user of a service or application built by a CometChat customer, CometChat processes your data as a processor on behalf of that customer. In that case, your data protection rights under GDPR should be directed to the relevant CometChat customer as the data controller. CometChat will cooperate with its customers to fulfil data subject requests as required under its data processing agreements and applicable law.
A. Transfer Mechanisms
We rely on the following legal mechanisms to transfer your Personal Information to the United States:
Standard Contractual Clauses (SCCs): we rely on the European Commission's Standard Contractual Clauses (2021 SCCs, implementing Decision C(2021) 3972) for transfers of Personal Information from the EU to the United States.
UK International Data Transfer Agreement (IDTA): for transfers from the United Kingdom, we use the UK IDTA (ICO, in force March 21, 2022) or the UK Addendum to the EU SCCs, as applicable.
B. Basis for Processing
Our legal basis for processing the Personal Information described in this Notice will depend on the Personal Information concerned and the context in which we process it. We process Personal Information from you:
Where we need it to perform a contract with you;
Where the processing is in our legitimate interests (including the purposes described, above, in How We Use Personal Information), where these are not overridden by your interests or rights;
Where the processing is necessary for us to meet our applicable legal obligations; or
If we otherwise have your consent.
C. Our Privacy Rights
Depending on applicable law, you may have the right to:
Request access to your Personal Information.
Request correction of your Personal Information
Request erasure of your Personal Information.Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your Personal Information, including processing based on legitimate interests, or direct marketing at any time.
Request restriction of processing of your Personal Information.
Request the transfer of your Personal Information to you or to a third party.
Withdraw consent at any time where we are relying on consent to process your Personal Information.
To object to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects (Art. 22) please see Section 16 below
D. Complaints
If you wish to exercise any of these rights or would like further information, please contact us at privacy@cometchat.com or write to us using the address in the “Contact Us” section below.
Depending on the nature of your request, we may need to verify your identity. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority.
E. Response timelines
We will respond to your rights request without undue delay and within the period required under GDPR . Where a request is complex or we receive a high volume of requests, we may extend this period to the extent permitted under GDPR, in which case we will notify you of the extension and the reasons for the delay. We will not charge a fee for responding to your request unless it is manifestly unfounded or excessive.
14. Exercising Your Individual Privacy Rights
You will not be discriminated against in any way by virtue of your exercise of the rights listed below, which means we will not deny goods or services to you, provide different prices or rates for goods or services to you, or provide a different level or quality of goods or services to you. To exercise your privacy rights under applicable data protection law, please submit a request to us by emailing us at privacy@cometchat.com
A. Verification
We must verify your identity before fulfilling your requests for privacy rights. If we cannot initially verify your identity, we may request additional information to complete the verification process. We will only use Personal Information provided in a request to verify the requestor’s identity. If you are an authorized agent making a request on behalf of a California consumer, we will also need to verify your identity, which may require proof of your written authorization or evidence of a power of attorney. We endeavor to respond to requests within the time period required by applicable law. If we require more time, we will inform you of the reason and extension period in writing. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity and confirm the Personal Information relates to you.
We may deny certain requests, or only fulfill some in part, as permitted or required by law. For example, if you request to delete Personal Information, we may retain Personal Information that we need to retain for legal purposes. Requests to opt out of the sharing of your Personal Information do not require identity verification and are handled through the cookie preferences banner on our Site, or by enabling a Global Privacy Control (GPC) signal in your browser. Please see section 5 for more information.
B. Appeals & Complaints
If you are not satisfied with the resolution of your request, please follow this sequence:
Internal appeal (first step): email us at privacy@cometchat.com with the subject line ‘Privacy Request Appeal.’ We will review your appeal and respond within the timeframe required by applicable law.
External complaint (if appeal unsuccessful): you may escalate to the relevant supervisory authority or regulator. For California residents, see Section 12D. For EU and UK individuals, see Section 13C.
15. Information for Individuals in Canada
We comply with applicable Canadian data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA).
Your provision of Personal Information to us means that you agree and consent that we may collect, use and disclose your Personal Information for the purposes described in this Privacy Policy. Should you choose not to provide us with required Personal Information, we may not be able to provide certain services. You acknowledge and consent that we may retain service providers to perform certain services. In the event that a service provider is located in the United States or another jurisdiction, Personal Information may be processed and stored in that jurisdiction, and that foreign courts or law enforcement or regulatory agencies may be able to obtain disclosure of Personal Information through the laws of those jurisdictions.
Residents of Canada may access, review, and request correction of their Personal Information held by us. We will take reasonable steps to verify your identity prior to responding to your requests. The verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us.
We reserve the right not to change Personal Information if we disagree that it is incorrect, but we will maintain a record of your request. We may not provide access to Personal Information if an exemption applies, for example, where the information requested would disclose the Personal Information of another individual or if the information would reveal confidential commercial information.
You have the right to refuse to provide or to withdraw your consent to processing of your Personal Information at any time. This would not affect processing where the applicable law allows us to process Personal Information without consent.
We will not collect, use or disclose your Personal Information for any other purpose than those outlined above, except with your consent. We will respond to your request within the timeframe required under PIPEDA. If we require an extension in the circumstances permitted under PIPEDA, we will notify you in writing within the initial response period.
16. Automated decision-making and AI
CometChat’s platform may include features that use automated processing, including automated content moderation, usage analytics, and communications tools. We do not make decisions about individuals that are based solely on automated processing, including profiling, that produce legal or similarly significant effects, without human review. Where automated processing features are used within our platform,
CometChat’s business customers (as data controllers) are responsible for providing appropriate notices and rights to their end users, including any disclosures required under applicable data protection and automated decision-making laws.
17. Changes to this Privacy Policy
Please note that we may modify or update this Privacy Policy from time to time, so please review it periodically. We may provide you with an updated Privacy Policy if material changes are made. For material changes, meaning changes that affect how we collect, use, or share Personal Information, or that affect your rights, we will provide notice by posting the updated Privacy Policy with a notice on the Site in advance of the changes taking effect, and, where required by applicable law, by other appropriate means. For non-material changes (such as corrections of typographical errors or updates to contact details), changes will apply upon posting.
18. Contact us
CometChat Inc is the data controller and is based in the United States at 1580 N Logan St, Ste 660 PMB 43373 Denver, Colorado, 80203, or at the following email address privacy@cometchat.com.
Our representative in the EU for GDPR purposes is:
Rickert Rechtsanwaltsgesellschaft mbH
datenschutz@rickert.net
CometChat Inc.
Colmantstraße 15
53115 Bonn
Germany
Our representative in the UK for UK-GDPR purposes is:
Rickert Services Ltd UK
datenschutz@rickert.net
CometChat Inc.
PO Box 1487
Peterborough
PE1 9XX
United Kingdom
Our Data Protection Officer (DPO) is:
Lyn Glaxco
lyn.glaxco@cometchat.com
CometChat Inc.
404 CometChat, 4th Floor, A Wing, Shrikant Chambers,
Next to RK Studio, V N Purav Marg, Chembur East,
Mumbai - 400071, India
Last updated: July 8, 2026