Skip to main content

Privacy Policy

Last Updated: December 2025

This Privacy Policy describes how Badger ("Badger", "we", "us", "our") collects, uses, stores, and protects personal data in connection with its platforms Asfur and Chatifai (collectively, the "Services").

Badger is committed to protecting personal data and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), ISO/IEC 27001, and SOC 2 Trust Services Criteria.

1. Scope

This Privacy Policy applies to:

  • Visitors to Badger websites
  • Users of Asfur and Chatifai
  • Customers, partners, and authorized end users

2. Roles Under Data Protection Law

  • Customers are typically the Data Controllers of personal data processed through the Services.
  • Badger acts as a Data Processor, except where Badger determines purposes and means of processing (e.g., account administration).

3. Personal Data We Process

Depending on the Service and use case, we may process:

  • Account information (name, email, organization, role)
  • Authentication data (hashed credentials, access tokens)
  • Usage and interaction data (queries, logs, timestamps)
  • Technical data (IP address, device, browser)
  • Customer-provided content and knowledge assets

Badger does not sell personal data.

4. Purposes of Processing

We process personal data to:

  • Provide and operate the Services
  • Secure access and prevent misuse
  • Deliver AI-powered interactions and analytics
  • Maintain audit logs and compliance oversight
  • Improve performance and reliability
  • Comply with legal obligations

5. Legal Bases (GDPR)

Processing is based on one or more of the following:

  • Performance of a contract
  • Legitimate interests (security, service improvement)
  • Legal obligations
  • User consent (where required)

6. AI Processing and Data Usage

  • Customer content is processed solely to provide the Services
  • AI outputs are generated based on customer-authorized knowledge
  • Customer data is not used to train public or shared AI models
  • Access is role-based and logged

7. Cookies and Tracking

Badger uses essential and optional cookies as described in the Cookie Notice. Users can manage preferences at any time.

8. Data Retention

  • Personal data is retained only as long as necessary for the stated purposes
  • Logs and audit data are retained in accordance with contractual and regulatory requirements

9. Data Security

Badger implements technical and organizational measures aligned with:

  • ISO/IEC 27001
  • SOC 2 Type I / II controls

Measures include access controls, encryption, monitoring, and incident response procedures.

10. Data Subject Rights

Where applicable, individuals may exercise rights to:

  • Access
  • Rectification
  • Erasure
  • Restriction
  • Portability
  • Objection

Requests may be submitted via: contact@badgerdefence.com

11. International Transfers

Where data is transferred outside the EEA, appropriate safeguards are applied, including Standard Contractual Clauses.

12. Sub-Processors

Badger may engage vetted sub-processors for infrastructure and services. A current list is available upon request.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated.

14. Contact

Badger

Email: contact@badgerdefence.com