Skip to main content
All CollectionsPrivacy & Legal
Privacy FAQ
Privacy FAQ
Updated this week

General Data Handling

Q: What data does Infuzu collect?

  • Chat Users: We securely store your chat history, account details (name, email), and anonymized decision data (if enabled) to improve services.

  • API Users: Inputs/outputs are processed in memory only and never stored on disk.

Q: How is my data protected?

  • Chat: All data at rest is encrypted with AES-256 (keys rotated daily). Data in transit uses HTTPS with RSA 2048 or stronger.

  • API: Data is encrypted in transit (RSA 2048 or equivalent) and never stored.

Data Retention & Deletion

Q: How long is chat history stored?

  • By default, chats are deleted after 90 days of inactivity. You can adjust this in Privacy Settings (1–1000 days). Note: Your organization may set a maximum retention period.

Q: How do I delete my data?

  • Individual Chats: Hover over a chat in the sidebar, click “Delete,” and confirm.

  • Batch Deletion: Email privacy@infuzu.com.

  • Decision Data: Anonymized decision data cannot be deleted unless you contact us.

Q: Is deleted data truly gone?
Yes. Deleted chats are purged from servers immediately. Backups are overwritten within 30 days.

Decision Data & Analytics

Q: What is decision data?
When you compare AI responses, we collect anonymized interactions (excluding the final AI response) to improve models.

Q: How is decision data anonymized?

  • We remove user IDs and store only aggregated trends.

  • Even if you include personal details (e.g., your name) in chats, they’re encrypted and anonymized.

Q: Can I opt out of decision data collection?
Yes. Paid users can disable it in Privacy Settings. Organizations may enforce this policy for all members.

API-Specific Privacy

Q: Does the Infuzu API store my data?
No. API inputs/outputs are processed in memory and never written to disk.

Q: How secure is the API?
Data in transit uses RSA 2048 or stronger encryption. We enforce strict rate limits and audit logs.

HIPAA & Healthcare Compliance

Q: How does Infuzu handle healthcare data (PHI)?

  • We sign Business Associate Agreements (BAAs) upon request. Contact baa@infuzu.com.

  • PHI in decision data is HIPAA-compliant (encrypted and anonymized).

User Rights

Q: How do I exercise GDPR/CCPA rights?
Email privacy@infuzu.com to request access, correction, or deletion. We respond within 30 days and may verify your identity via email confirmation.

Q: Can I opt out of cookies?
Yes. Use browser settings or the Google Analytics opt-out tool.

Security & Legal

Q: What happens during a data breach?
Affected users are notified via email immediately.

Q: Does Infuzu share data with third parties?
No. We use cloud providers for hosting, but they cannot access your encrypted data. We comply with legal requests only when required.

Age Restrictions

Q: Can children use Infuzu?
No. Users under 13 are prohibited. Users aged 13–18 require parental consent (self-reported).

Policy Updates

Q: How are policy changes communicated?
Significant updates are announced via email or in-app notifications.

Contact Us

This FAQ balances brevity with clarity while emphasizing transparency, user control, and compliance. Let me know if you’d like adjustments!

Related Articles
Will Infuzu sign a Business Associate Agreement (BAA), and if so, for which products?
Maximizing the Potential of Infuzu Chat: Best Practices for Using LLMs Effectively
Managing Your Privacy Settings on Infuzu
How to Clear Chat History on Infuzu
Did this answer your question?