AI Chatbot “Codie” Privacy Notice

This Privacy Notice explains how UAB "Data troops" ("we," "us," or "our") collects, uses, and processes your personal data when you interact with our AI Chatbot ("the Chatbot") for customer support operations. We are committed to protecting your privacy and ensuring transparency about our data practices in compliance with the General Data Protection Regulation (GDPR).


1. Who is the Data Controller?

UAB "Data troops" Švitrigailos str. 34 Vilnius, Lithuania. Legal Entity Code: 305893779.

Email: [email protected]

Website: https://decodo.com/


2. Contact Details

For data protection-related inquiries, please contact us using the email address: [email protected].


3. What Personal Data Do We Process?

When you interact with our Chatbot, we may process the following categories of personal data:

Identity Data: Your name, title, company name.

Contact Data: Your email address.

Interaction Data: Transcripts of your conversations with the Chatbot, including your questions, requests, and the Chatbot's responses. This may include details about your inquiries, product feedback, and customer service history.

Technical Data: Your IP address, browser type and version, operating system, device type, and other technology on the devices you use to access our services.

Usage Data: Information about how you use our website, products, and services.

Any other personal data you voluntarily provide during your interaction with the Chatbot that is relevant to your support request.

Special Categories of Personal Data: We do not intentionally collect any special categories of personal data (e.g., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health data, genetic data, biometric data, or data concerning a person's sex life or sexual orientation) through our Chatbot. We kindly request that you do not share such sensitive information with the Chatbot unless explicitly requested and deemed absolutely necessary for your specific support request, in which case we will seek your explicit consent.


4. Source of Personal Data

The personal data we process through the AI Chatbot is primarily obtained directly from you, the data subject, through your interactions and conversations with the Chatbot. This includes the information you actively type or provide, as well as certain technical and usage data automatically collected while you use the Chatbot (e.g., IP address, device type). In some cases, if you previously interacted with our company or services, certain existing data (e.g., your customer ID, recent orders) might be securely accessed from our internal systems to provide a more personalized and efficient support experience. This is done with appropriate safeguards and only where relevant to your current inquiry.


5. Purposes of Processing Personal Data

We process your personal data collected via the Chatbot for the following purposes:

To Provide Customer Support: To answer your questions, resolve your issues, provide information about our products/services, and guide you through our offerings.

To Improve Our Services: To analyze Chatbot interactions to enhance the Chatbot's accuracy, efficiency, and ability to understand and respond to user queries, as well as to improve our overall customer support operations and product/service offerings.

To Facilitate Human Agent Handoff: If the Chatbot cannot resolve your query, to seamlessly transfer your conversation and relevant context to a human customer support agent to continue assisting you.

To Personalize Your Experience: To tailor Chatbot responses and information based on your previous interactions or known preferences (where applicable and appropriate).

For Internal Training and Quality Assurance: To train our AI models and human agents, and to monitor the quality of our customer support services.

To Detect and Prevent Fraud or Misuse: To ensure the security and integrity of our services and prevent fraudulent or inappropriate use.

To Comply with Legal Obligations: To meet any legal or regulatory requirements that may apply to us.


6. Legal Basis for Processing

We rely on the following legal bases for processing your personal data:

Contractual Necessity (GDPR Art. 6(1)(b)): Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (e.g., providing information about our services, fulfilling a support request).

Legitimate Interests (GDPR Art. 6(1)(f)): Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Our legitimate interests include:

  • Improving the accuracy and effectiveness of our Chatbot and customer support services.
  • Ensuring the security of our systems and preventing misuse.
  • Training our AI models and human agents to provide better service.
  • Understanding customer needs to enhance our products and services.

Consent (GDPR Art. 6(1)(a)): In specific situations, if we process special categories of personal data or for certain non-essential purposes (e.g., specific optional feedback that goes beyond core support), we will seek your explicit consent. You have the right to withdraw your consent at any time (see Section 10).

Legal Obligation (GDPR Art. 6(1)(c)): Processing may be necessary for compliance with a legal obligation to which we are subject (e.g., retaining records for tax or auditing purposes).


7. Recipients of Personal Data

We may share your personal data with the following categories of recipients:

- Internal Teams: Our customer support agents, technical support teams, product development teams, and legal/compliance departments, on a need-to-know basis.

- Third-Party Service Providers:

  • AI Chatbot Platform Provider: Ace Waves, UAB, and other companies that provide the underlying AI technology for our Chatbot.
  • Cloud Hosting and Data Storage Providers: Hetzner Online, GmbH, (dedicated servers for data storage); Datapacket (DataCamp Limited) (dedicated servers for data storage); Alibaba Limited (dedicated servers for data storage); Google Ireland Limited (Google Cloud Platform) (cloud services including infrastructure, storage, data analytics, and application hosting).
  • Customer Relationship Management (CRM) systems: Text Inc., other systems where support tickets and customer interactions are managed.
  • Analytics Providers: Zendesk QA (Klaus) and other specialized companies, to analyze customer support transcripts, monitor chatbot usage and performance, and assess the overall quality of the customer experience. This analysis helps us gain insights to continuously improve our services, enhance support quality, and refine our customer interactions.

- IT Support and Maintenance: Vendors who assist with the technical operation and maintenance of our systems.

- Professional Advisors: Lawyers, auditors, and insurers providing professional services to us.

- Governmental & Regulatory Authorities: When required by law or necessary to protect our rights.

We ensure that all third-party service providers are contractually bound to implement appropriate security measures and only process your data according to our instructions and applicable data protection laws.


8. Transfers of Personal Data to Third Countries

Your personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA) where data protection laws may not be as comprehensive as those within the EEA. When we transfer your personal data outside the EEA, we ensure that appropriate safeguards are in place to protect your data, such as:

  • Adequacy Decisions: Transferring data to countries deemed by the European Commission to provide an adequate level of data protection.
  • Standard Contractual Clauses (SCCs): Implementing the European Commission's Standard Contractual Clauses with the recipient of the data.

9. Data Retention Period

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider:

  • The amount, nature, and sensitivity of the personal data.
  • The potential risk of harm from unauthorized use or disclosure of your personal data.
  • The purposes for which we process your personal data and whether we can achieve those purposes through other means.
  • Applicable legal requirements (e.g., for financial transactions, support history).

Generally, Chatbot interaction data and related personal data will be retained for a period of up to 3 years to allow for service improvement, historical reference for customer support, and compliance with our legal obligations. After this period, your data will be securely deleted or anonymized so that it can no longer be associated with you.


10. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

  • The Right to Access: You have the right to request copies of your personal data.
  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
  • The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions, particularly when processing is based on legitimate interests.
  • The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • The Right to Withdraw Consent: Where our processing is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • To exercise any of these rights, please contact us using the details provided in Section 2. We will respond to your request without undue delay and at the latest within one month.

11. Right to Lodge a Complaint with a Supervisory Authority

If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a competent supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement. In Lithuania, it is the State Data Protection Inspectorate (VDAI).


12. Automated Decision-Making and Profiling

Our AI Chatbot primarily provides information, answers questions, and directs you to relevant resources or human agents. It does not make decisions based solely on automated processing (including profiling) that produce legal effects concerning you or similarly significantly affect you, without human intervention. In cases where the Chatbot might recommend a product or service, or categorize your query, these are preliminary steps designed to assist a human agent or streamline your journey, and do not constitute final, legally binding decisions. Any significant decisions affecting you will involve human oversight and discretion.


13. How We Secure Your Data

We are committed to ensuring the security of your personal data. We implement appropriate technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit and at rest.
  • Access controls and authentication mechanisms.
  • Regular security audits and vulnerability assessments.
  • Employee training on data protection and security.

14. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Notice on our website with a new "Last Updated" date. We encourage you to review this Privacy Notice periodically.


Last Updated: November 10, 2025

© 2018-2025 decodo.com (formerly smartproxy.com). All Rights Reserved