Privacy Policy

Last Updated: January 18, 2025

Table of Contents

  1. Introduction
  2. Data Controller Information
  3. Information We Collect
  4. How We Use Your Information
  5. Legal Basis for Processing
  6. Data Security
  7. Data Retention
  8. Your Rights
  9. Cookie Policy
  10. Third-Party Services
  11. International Data Transfers
  12. Changes to This Policy
  13. Contact Information

Introduction

Machine Mind Ltd (“Expert Comments,” “we,” “us,” or “our”), registered office at 35 Follager Road, CV21 2JF Rugby, United Kingdom (company number 11731290), is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website (https://expert-comments.com) and AI companion chat services (collectively, the “Service”).

By accessing or using the Service, you agree to this Privacy Policy. If you disagree with any part of this policy, please do not use our Service.

Data Controller Information

Machine Mind Ltd acts as the data controller for personal information collected through our Service. You can contact us regarding privacy matters at:

  • Email: support@expert-comments.com or office@machinemind.ltd
  • Mail: Machine Mind Ltd, 35 Follager Road, CV21 2JF Rugby, United Kingdom

Please note that under Article 37 of the UK GDPR, we are not required to appoint a Data Protection Officer as:

  • We are not a public authority or body
  • Our core activities do not consist of regular and systematic monitoring of data subjects on a large scale
  • Our core activities do not consist of processing special categories of data on a large scale
  • We are a small enterprise focused on providing AI companion services

While we haven’t appointed a formal DPO, we remain fully committed to protecting your privacy and ensuring compliance with all applicable data protection laws. Our team is trained in data protection matters and handles all privacy-related inquiries with utmost care.

Information We Collect

1. Information You Provide to Us

  • Account Information: Email address, password, display name, chat preferences, and optional profile customizations
  • Payment Information: Limited to email address and transaction details from completed purchases (all payment processing and financial data is handled exclusively by Stripe)
  • Communication Data: Messages, feedback, and support requests
  • Usage Preferences: Customization settings and AI interaction preferences

2. Information Automatically Collected

  • Technical Data: IP address, browser type, device information
  • Usage Data: Service interaction patterns, feature usage statistics
  • Cookie Data: Session data and service preferences
  • Chat Data: Interaction history with AI companions

How We Use Your Information

We process your personal data for the following purposes:

1. Service Provision

  • Delivering our AI companion chat services
  • Managing your account and preferences
  • Processing payments and credits
  • Providing customer support

2. Service Improvement

  • Analyzing service usage patterns
  • Improving AI interaction quality
  • Developing new features
  • Troubleshooting technical issues

3. Security

  • Protecting against unauthorized access
  • Preventing fraud and abuse
  • Ensuring service integrity
  • Maintaining data security

4. Legal Compliance

  • Meeting regulatory requirements
  • Responding to legal requests
  • Enforcing our terms of service
  • Protecting legal rights

We process your personal data under the following legal bases:

1. Contract Performance (Article 6(1)(b) UK GDPR)

  • Providing our services
  • Managing your account
  • Processing payments

2. Legal Obligations (Article 6(1)(c) UK GDPR)

  • Complying with legal requirements
  • Maintaining required records
  • Responding to legal requests

3. Legitimate Interests (Article 6(1)(f) UK GDPR)

  • Improving our services
  • Ensuring security
  • Preventing fraud

4. Consent (Article 6(1)(a) UK GDPR)

  • Marketing communications (where applicable)
  • Optional features and customization

Data Security

1. Technical Measures

  • HTTPS encryption for all data transmission
  • Secure hosting through OVH (ISO 27001 certified provider)
  • Regular security audits and testing
  • Encryption of sensitive data at rest

2. Organizational Measures

  • Staff training on data protection
  • Access control and authentication
  • Security incident response procedures
  • Regular security assessments

Data Retention

We retain your personal data only for as long as necessary to:

  • Provide our services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce agreements

Specific retention periods:

  • Account data: Duration of account activity plus 12 months
  • Payment data: As required by tax and accounting laws
  • Communication records: 24 months from last interaction
  • Technical logs: 12 months

Your Rights

Under UK GDPR and applicable data protection laws, you have the following rights:

  1. Right to Access – Request a copy of your personal data
  2. Right to Rectification – Correct inaccurate data
  3. Right to Erasure – Request deletion of your data
  4. Right to Restrict Processing – Limit how we use your data
  5. Right to Data Portability – Receive and transfer your data
  6. Right to Object – Object to certain processing activities
  7. Rights Regarding Automated Decision-Making – Contest automated decisions

To exercise these rights, contact support@expert-comments.com. We’ll respond within one month as required by law.

Cookie Policy

We use cookies and similar technologies to:

  • Maintain session information
  • Remember preferences
  • Analyze service usage
  • Ensure security

Types of cookies used:

  • Essential cookies (required for service functionality)
  • Preference cookies (remember your settings)
  • Analytics cookies (understand service usage)

You can control cookie settings through your browser preferences.

Third-Party Services

We use the following third-party services:

  • OVH (hosting provider)
  • Stripe (payment processing)

Regarding payment processing:

  • Stripe handles all payment processing and stores all financial information
  • We never receive, process, or store credit card numbers or other payment method details
  • We only receive confirmation of completed transactions, including the email address and the amount of credits purchased
  • For more information about how Stripe handles your payment data, please refer to Stripe’s Privacy Policy

These providers process data under strict confidentiality agreements and comply with applicable data protection laws.

International Data Transfers

Your data is primarily stored in the UK and EU. If we transfer data outside these regions, we ensure appropriate safeguards through:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Additional security measures

Changes to This Policy

We may update this Privacy Policy periodically. We’ll notify you of significant changes through:

  • Email notification
  • Service announcements
  • Website notices

Contact Information

For privacy-related inquiries:

  • Email: office@machinemind.ltd
  • Mail:
    Machine Mind Ltd
    35 Follager Road
    CV21 2JF Rugby
    United Kingdom

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we haven’t adequately addressed your privacy concerns.

Additional Resources