ChaseAI
Start Free

Privacy Policy

Last updated: March 16, 2026

This Privacy Policy describes how Global Bridge MNE, LLC ("we," "us," or "our"), operating the ChaseAI platform at chaseai.app (the "Service"), collects, uses, discloses, and protects your personal information. We are committed to safeguarding your privacy and ensuring transparency in how we handle your data.

By accessing or using ChaseAI, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

  • Account information: Name, email address, and password when you create an account.
  • Company information: Company name, sender name, and other settings you configure.
  • Client data: Names, email addresses, phone numbers, and notes for clients you add to ChaseAI.
  • Invoice data: Invoice numbers, amounts, currencies, due dates, notes, and PDF files you upload.
  • API keys: If you provide your own Google Gemini API key, it is stored encrypted in our database.
  • Communications: Messages you send through our contact form or support channels.

1.2 Information Collected Automatically

  • Usage data: Pages visited, features used, AI sequence generations, and general interaction patterns.
  • Device information: Browser type, operating system, screen resolution, and device identifiers.
  • Log data: IP addresses, access times, referring URLs, and server logs.
  • Cookies and tracking: We use cookies and similar technologies as described in our Cookie Policy.

1.3 Information from Third Parties

  • Authentication providers: If you sign in via a third-party provider (e.g., Google), we receive your name and email from that provider.
  • Analytics providers: We receive aggregated analytics data from Vercel Analytics and Google Analytics.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the ChaseAI platform.
  • Generate AI-powered chase sequences for your invoices.
  • Send automated emails on your behalf as part of chase sequences.
  • Process your subscription and manage your account.
  • Send transactional emails (account verification, password resets, billing receipts).
  • Respond to support inquiries and communicate with you about the Service.
  • Analyze usage patterns to improve features and user experience.
  • Detect and prevent fraud, abuse, and security threats.
  • Comply with legal obligations.

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data based on the following legal grounds:

  • Contract performance: Processing necessary to provide the Service you signed up for (account management, invoice processing, email sending).
  • Legitimate interests: Analytics, fraud prevention, and product improvement, where our interests do not override your rights.
  • Consent: Where required, such as for non-essential cookies and marketing communications. You may withdraw consent at any time.
  • Legal obligation: Processing required to comply with applicable law.

4. Data Sharing and Disclosure

We do not sell your personal data. We share information only in the following circumstances:

4.1 Service Providers

We use trusted third-party providers to operate the Service:

  • Supabase (EU West — Ireland): Database hosting, authentication, and edge functions.
  • Resend: Transactional email delivery for chase sequences.
  • Google (Gemini AI): AI sequence generation. Invoice data (client name, amount, due date) is sent to Google's API to generate email content. Google's API terms apply.
  • Stripe: Payment processing (when active). Stripe's privacy policy applies.
  • Vercel: Website hosting and analytics.
  • Google Analytics: Usage analytics.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental request, or to protect the rights, safety, or property of ChaseAI, our users, or the public.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Storage and Security

  • Location: Your data is stored on Supabase servers in the EU West (Ireland) region.
  • Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). API keys you provide are stored with additional encryption.
  • Access control: All database queries are scoped by authenticated user ID. Your data is never accessible to other users.
  • Retention: We retain your data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where retention is required by law.

6. Your Rights

6.1 Rights for All Users

  • Access: Request a copy of your personal data.
  • Correction: Update or correct inaccurate data via your Settings page or by contacting us.
  • Deletion: Request deletion of your account and personal data.
  • Export: Request a portable copy of your data.

6.2 Additional Rights for EEA/UK Users (GDPR)

  • Restriction of processing: Request that we limit how we use your data.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Where processing is based on consent, withdraw it at any time.
  • Data portability: Receive your data in a structured, machine-readable format.
  • Lodge a complaint: File a complaint with your local data protection authority.

6.3 California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used.
  • Request deletion of your personal information.
  • Opt out of the "sale" of personal information (we do not sell personal data).
  • Not be discriminated against for exercising your rights.

7. International Data Transfers

Our primary data storage is in the EU (Ireland). Some of our service providers (Google, Vercel, Stripe) may process data in the United States. Where data is transferred outside the EEA, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure adequate protection.

8. Children's Privacy

ChaseAI is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new "Last updated" date. For significant changes, we may also notify you via email.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

For GDPR-related inquiries, you may also contact your local supervisory authority.