← Back to chat

Privacy Policy

Last updated: March 3, 2026

1. Introduction

This Privacy Policy describes how Free AI Chat ("we," "our," or "the Service") collects, uses, and discloses information, including biometric data, when you use our web application. By using this Service, you consent to the data practices described in this policy.

2. Biometric Information Collection

Important Notice: This Service collects biometric identifiers and biometric information as defined under applicable law, including but not limited to the Illinois Biometric Information Privacy Act (BIPA), the California Consumer Privacy Act (CCPA), and the General Data Protection Regulation (GDPR).

2.1 What Biometric Data We Collect

When you type messages into the chat interface, we collect the following behavioral biometric data:

  • Keystroke dynamics: timing between keystrokes, key press duration, and typing rhythm patterns
  • Typing behavior patterns: pause patterns, correction behaviors, and typing speed variations
  • Cursor position changes: cursor movement and positioning during text input
  • Input timing metadata: timestamps and sequence information related to your typing activity

2.2 Purpose of Biometric Data Collection

We collect this biometric information for the following specific purposes:

  • Research and development of behavioral biometric authentication systems
  • Training and validation of machine learning algorithms for proof-of-authorship technology
  • Developing technology to distinguish human-generated text from AI-generated or bot-generated content
  • Academic and scientific research in the field of behavioral biometrics

2.3 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, the legal basis for processing your biometric data is your explicit consent, which you provide by accepting this Privacy Policy before using the Service.

3. Message Content Collection

Your message content is collected and processed as follows:

  • Messages are forwarded to third-party AI providers to generate responses
  • Messages are sent alongside biometric typing data to the Sygnus research API
  • Messages are transmitted in real-time and are not stored on our servers
  • Message content may be retained by the Sygnus research platform for research purposes

4. What We Collect

  • Behavioral biometric data (as described above)
  • Message content for AI processing and research
  • Google Analytics cookies and usage data (if you provide consent)

5. What We Do NOT Collect

  • No personal identifying information (name, email address, phone number)
  • No IP address logging or persistent user identifiers
  • No cross-session tracking or user profiling
  • No chat history storage on our application servers
  • No payment or financial information

5. Third-Party Data Sharing

5.1 Sygnus Research Platform

All collected biometric data and message content are transmitted in real-time to the Sygnus research platform (sygnus.di-solutions.sk). This platform is operated for behavioral biometrics research purposes. The Sygnus platform may retain and use this data for research, algorithm training, and scientific publication.

5.2 AI Service Providers

Message content is forwarded to third-party AI service providers solely for the purpose of generating conversational responses. These providers may process your messages according to their own privacy policies.

5.3 No Sale of Data

We do not sell, rent, or trade your biometric information or personal data to third parties for monetary consideration.

6. Data Retention and Storage

  • Biometric data is forwarded in real-time to the Sygnus research platform
  • We do not maintain local storage of biometric data or messages
  • Data retention on the Sygnus research platform is governed by research requirements and may be retained indefinitely for scientific purposes
  • Consent preferences are stored in your browser's local storage

7. Data Security

We implement reasonable security measures to protect data during transmission:

  • All data transmissions use encrypted HTTPS connections
  • No long-term data storage on application servers reduces exposure risk
  • Access to research data is limited to authorized research personnel

However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights and Choices

8.1 Anonymous Collection Limitation

Because we collect biometric data without persistent user identifiers or accounts, we cannot link collected data back to specific individuals. This limits our ability to fulfill certain data subject rights requests.

8.2 Right to Withdraw Consent

You may withdraw your consent at any time by simply ceasing to use the Service. However, we cannot delete previously collected anonymous data as we have no way to identify which data belongs to you.

8.3 GDPR Rights (EEA Users)

If you are located in the EEA, UK, or Switzerland, you have the following rights:

  • Right to access: Limited due to anonymous collection
  • Right to rectification: Not applicable due to anonymous collection
  • Right to erasure: Cannot be fulfilled due to inability to identify your data
  • Right to restrict processing: Stop using the Service to cease data collection
  • Right to data portability: Not applicable due to anonymous collection
  • Right to object: Do not use the Service
  • Right to lodge a complaint: You may contact your local data protection authority

8.4 CCPA/CPRA Rights (California Users)

If you are a California resident, you have the following rights:

  • Right to know: This policy discloses what data we collect
  • Right to delete: Cannot be fulfilled due to anonymous collection
  • Right to opt-out of sale: We do not sell your data
  • Right to non-discrimination: We do not discriminate based on privacy rights exercise

8.5 BIPA Rights (Illinois Users)

If you are an Illinois resident, you have the right to:

  • Be informed of biometric data collection (provided in this policy)
  • Provide written consent before collection (provided via consent modal)
  • Know the purpose and duration of collection (described in sections 2.2 and 6)

9. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. The Sygnus research platform may be located in jurisdictions with different data protection laws than your jurisdiction. By using this Service, you consent to such transfers.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Email: [Your contact email]
Project Repository: [Link to repository]

For GDPR-related inquiries, you may also contact your local data protection authority.

12. Acknowledgment and Consent

By clicking "I Accept" on the consent modal and using this Service, you acknowledge that you have read and understood this Privacy Policy, and you provide your explicit consent to the collection, use, and disclosure of your biometric information as described herein.