Privacy
Privacy Policy
How ChatAudit processes personal data and keeps your chat analysis local on your device.
Last updated: 30 May 2026
1. Controller
The controller responsible for processing personal data in connection with ChatAudit is Steiner Online Services. Full provider and contact details are available in the imprint.
ChatAudit is available at chataudit.io. For privacy and product questions, contact us at hello@chataudit.io.
The privacy contact person is David Steiner.
2. Short Overview
ChatAudit is completely free and analyzes exported chat histories to help users understand communication patterns. The core analysis runs locally in your browser. Chat contents are not transmitted to our servers and are not stored by us in a cloud database.
Our servers process technical requests, security data for abuse prevention and, after consent, data related to Google Tag Manager and Google Analytics. We do not process any payment data, because ChatAudit is free.
Because chat histories may contain intimate or sensitive information about you and other people, you should only upload chats in which you participated or for which you have sufficient permission to analyze them.
3. Applicable Privacy Rules
As a provider based in Switzerland, we comply with the Swiss Federal Act on Data Protection (FADP). Where ChatAudit concerns people in the EU or EEA, we also take the General Data Protection Regulation (GDPR) into account. Where people in the United Kingdom are concerned, we take the UK GDPR and supplementary UK privacy rules into account.
This Privacy Policy is intended for an international audience. Individual rights and obligations may vary depending on your location, residence, applicable consumer protection law and local privacy law.
4. Data We Process
When you use ChatAudit, the following data may be processed: chat contents from uploaded export files, names or labels of chat participants, timestamps, message contents, deleted-message markers, links and domains from chats, analysis results, local user settings such as working hours or time zones and local session IDs.
On the server side, we process in particular technical request data and IP addresses or rate-limit data derived from them.
We do not require user accounts, public profiles or community profiles.
5. Local Chat Processing
Uploaded chat files are read, parsed, analyzed and stored locally in your browser. ChatAudit uses browser IndexedDB for this. Certain local identifiers, such as a session ID, may also be stored in localStorage.
Chat contents are not sent to our servers. The analysis algorithms also run client-side in the browser. If you delete local data, clear browser storage, use another device, or upload a new chat and overwrite the old one, local data may be lost.
ChatAudit generally does not automatically delete local analysis data. You can delete local data in the app; browser or device functions may also remove local data.
6. Sensitive Content and Third-Party Data
Chat histories can contain very personal information, such as statements about relationships, sex life, health, mental stress, religion, political opinions or other sensitive topics. ChatAudit is designed so that these contents remain local on your device.
You are responsible for analyzing only chats where processing is lawful. If a chat contains information about other people, you should respect their rights and reasonable expectations. Do not publish analysis results or chat excerpts without sufficient permission.
7. No Payment Data
ChatAudit is completely free. There are no paid features, purchases or subscriptions. We therefore do not process any payment data and do not use any payment provider.
The chat analysis runs entirely locally in your browser. No billing, transaction or customer-account data is created.
8. Cookies, Local Storage and Similar Technologies
ChatAudit uses local storage technologies such as IndexedDB and localStorage so that analysis can work locally and a session can be found again. These storage operations are required for the core features.
We use non-essential cookies or similar technologies for analytics or marketing purposes only where the applicable legal requirements are met. For users in Switzerland, the EU/EEA and the UK, this particularly means that a consent banner or equivalent consent solution is used where required. More details are available in our Cookie Policy.
9. Google Tag Manager, Google Analytics and Conversion Measurement
We use Google Tag Manager and Google Analytics to measure reach, usage and conversion events and to improve ChatAudit. In regions where consent is required, these services are activated only after your prior consent through our consent banner. You can withdraw consent at any time with effect for the future.
This may involve processing page views, device and browser information, approximate location information, interactions, technical identifiers and coarse funnel events.
We configure tracking so that no chat contents, participant names, local session IDs, chat fingerprints or email addresses are sent to Google Analytics.
10. Service Providers and Recipients
We operate ChatAudit on server infrastructure controlled by us or through hosting and infrastructure providers. These providers may process technical access data and security data as processors. Chat contents are not stored server-side or transmitted to this infrastructure.
Other recipients of personal data may include consent-management providers such as CookieYes and, after consent, analytics providers such as Google. We currently do not use any external AI API to analyze your chat contents.
Where service providers process personal data on our behalf, we conclude appropriate contractual arrangements. Where service providers act as independent controllers, their own privacy information also applies.
11. International Data Transfers
Because ChatAudit is offered internationally and individual service providers may operate globally, personal data may be transferred to countries outside Switzerland, the EU/EEA or the United Kingdom.
For such transfers, we use appropriate safeguards, such as adequacy decisions, standard contractual clauses, contractual guarantees, technical safeguards or other legally provided bases. This particularly concerns consent-management providers such as CookieYes and, after consent, analytics providers such as Google.
12. Legal Bases and Purposes
We process personal data to provide ChatAudit, enable local analyses, prevent abuse, ensure security, process support requests, comply with legal obligations and improve our product.
Where the GDPR or UK GDPR applies, we rely on contract performance, legitimate interests, legal obligations or consent depending on the context. Consent is particularly relevant for non-essential analytics or marketing technologies.
Under Swiss data protection law, we process personal data lawfully, fairly, proportionately and for specific purposes.
13. Retention and Deletion
Chat contents and analysis results are generally stored locally in your browser and remain there until you delete them, overwrite them or your browser or device removes them.
Rate-limit and blocking data are generally processed only for a short period, typically seconds to a few minutes. Where technical server or security logs are created, we generally delete or anonymize them within 30 days unless longer retention is required due to security incidents, abuse, legal claims or statutory obligations.
14. Security
We use technical and organizational measures to protect personal data appropriately. These include local processing of chat contents, access restrictions and rate limiting.
No system is completely risk-free. You should handle chat exports carefully, protect your device and delete local data when you no longer need it.
15. Your Rights
Depending on applicable law, you may request access, correction, deletion, restriction of processing, data portability, objection to certain processing and withdrawal of consent. Users in the EU/EEA and the United Kingdom have rights under the GDPR or UK GDPR. Users in Switzerland have rights under the FADP.
Because chat contents are processed locally on your device, we do not receive these contents and do not store them server-side. We therefore cannot delete, export or correct chat contents server-side for you. You can delete local data directly in the app or through your browser.
For privacy requests, contact us at hello@chataudit.io or by post using the details in the imprint. You also have the right to complain to a competent data protection authority where applicable law provides this.
16. Minors
ChatAudit is intended for adult users. Use is permitted only for persons aged 18 or older. Please do not use ChatAudit if you are a minor.
17. Changes
We may update this Privacy Policy if ChatAudit, service providers, technical processes or legal requirements change. The current version is available at chataudit.io.