Version: 2.0 – Last updated: May 19, 2026.
These legal terms are written in French. Any translation, particularly into English, is provided for informational purposes only. In case of any discrepancy, ambiguity, or difficulty in interpretation between the French version and a translated version, the French version alone shall prevail.

Ask Technologies Privacy Policy

1. Introduction

Ask Technologies is a company offering a SaaS platform for configuring and deploying AI chatbots using RAG (Retrieval-Augmented Generation). The purpose of this privacy policy is to explain what personal data is collected when using our services, how it is used and protected, and what your rights are in this regard.

Polaria is firmly committed to protecting the confidentiality of its users' personal data. We process data in accordance with the General Data Protection Regulation (GDPR) and applicable privacy laws. Our commitment is reflected in the implementation of appropriate security measures and transparency regarding our data processing practices.

2. Data Collected

Ask Technologies limits the collection of personal data to what is strictly necessary. Depending on the case, collected data comes from two main sources:

   From the Back-office: When you use Polaria's back-office (administration interface), we collect certain personal information about you. This includes your first name, last name, email address, as well as connection logs (e.g., connection dates and times, potentially the IP address used). This data is provided when you create your administrator account and during your subsequent connections to manage your access to the platform.

   From the Chatbot: By default, no personal data is collected via chatbots deployed with our platform. End-user interactions with the chatbot are not recorded or associated with a personal identity by Polaria, unless otherwise explicitly configured by the client. In other words, the chatbot can be used without Polaria collecting any personal information about end-users.

3. Purpose of Data Collection

Polaria collects personal data for specific and legitimate purposes:

   Back-office Data: Information collected via the back-office is used exclusively to ensure the proper functioning of the product and service. Specifically, this allows us to manage your user accounts, authenticate your connections, provide you with access to chatbot configuration features, and ensure customer support or the communication of important service-related information. This data can also help us improve the platform and guarantee its security (for example, by monitoring connection logs to detect potential suspicious activities).

   Chatbot Data: By default, as the chatbot does not collect personal data, no personal data is used in this context. The chatbot provides its responses based on data configured by the client (knowledge bases, documents, etc.) without needing to process personal information about the end-user. Thus, there is no processing purpose involving personal data for interactions with the chatbot, unless a client voluntarily decides to collect certain information through it (in which case, that client would be responsible for defining the purpose and informing their users).

4. Data Sharing

Ask Technologies does not share any personal data with third parties. Your data is neither sold, rented, nor transmitted to entities outside Polaria, whether for commercial or other purposes. All data we collect remains confidential and is used solely for the purposes described above.

In exceptional cases, we may be required to disclose certain data if legally mandated or in response to a lawful request from competent authorities. Aside from such potential legal requirements, no personal data is shared with third parties without your explicit consent.

5. Data Storage and Security

The security of your data is a priority for Polaria. We implement robust technical and organizational measures to ensure the integrity and confidentiality of your personal information.

   Data Security: All collected personal data is protected according to industry best practices. We use data encryption during transfers (SSL/TLS protocols) and, where applicable, encryption of data at rest on our servers or databases. Access to personal information is strictly controlled – only authorized Polaria personnel (or client personnel, in the case of dedicated servers) who require it to operate the service can access it, in compliance with confidentiality commitments. We have also implemented protection mechanisms against intrusions and malicious software (firewalls, intrusion detection systems, etc.), and regularly update our systems to prevent vulnerabilities.

   Storage and Hosting: Data is stored on secure infrastructures. Storage can be adapted based on our clients' needs. Some clients opt for hosting their Polaria instance on private dedicated servers, meaning their data is isolated on their own infrastructure (e.g., a private cloud or a reserved on-premise server). In all cases, whether data is hosted on a shared Polaria cloud or a dedicated server, we ensure the same level of security and confidentiality requirements are applied. If data is hosted by a trusted cloud infrastructure provider, Polaria ensures that this provider offers adequate data protection guarantees and that no illegal data transfer outside the European Union occurs without the required safeguards.

6. User Rights

In accordance with the GDPR and applicable laws, users with an account on Polaria's back-office benefit from all rights regarding their personal data. This notably includes:

   Access Right: You can obtain confirmation that personal data concerning you is being processed by Polaria, and receive an intelligible copy of it;
   Right to rectification: you can request the correction of inaccurate or incomplete information about you so that it is up to date;
   Right to erasure (right to be forgotten): you can request the deletion of your personal data, particularly if it is no longer necessary for the purposes for which it was collected or processed;
   Right to restriction of processing: in certain cases provided by law, you can request the temporary suspension of the use of your data (for example, while its accuracy is verified or an objection is being assessed);
   Right to object: you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Polaria's legitimate interest. In such a case, we will cease this processing unless there are compelling legitimate grounds for the continuation of the processing. (Note: Given that back-office data is primarily processed on a contractual basis, this right may not apply outside of processing for marketing communication purposes, which we do not carry out without explicit consent);
   Right to data portability: you can request to receive the personal data you have provided to Polaria in a structured, commonly used, and machine-readable format, or to have it transmitted to another data controller where technically feasible.

To exercise any of these rights, simply contact us (see the Contact section below). We may ask you to verify your identity to secure access to your personal information when making such requests. We commit to responding to any valid request within the legal deadlines (generally a maximum of 1 month, extendable by two months if necessary depending on the complexity of the request).

It should be noted that, by default, no personal data of end-users of chatbots deployed via Polaria is collected by Polaria. However, if a chatbot were configured by a client to collect personal data (for example, requesting a contact email during a conversation), the end-user should exercise their rights directly with the client operating the chatbot, as the latter would then be responsible for processing such data.

7. Legal Basis for Processing

Polaria processes personal data only when an appropriate legal basis, as defined by the GDPR, applies:

   Back-office: The collection and processing of back-office data are necessary for the performance of the contract between the user and Polaria for the use of the platform (Article 6(1)(b) of the GDPR). By creating an account and using our service, you are indeed entering into an agreement with Polaria, and the processing of your identification data (name, email, etc.) is essential to provide you with access to functionalities, maintain your account, and more generally fulfill our contractual obligations (such as allowing you to manage your chatbots). Additionally, certain related processing activities may be based on Polaria's legitimate interest (Article 6(1)(f) of the GDPR), for example, to ensure platform security or improve the service, but in all cases, these processing activities do not infringe upon your fundamental rights and freedoms.

   Chatbot: By default, no personal data is collected via the chatbot, meaning there is no processing of personal data that requires a specific legal basis for this functionality. If no personal data is processed, the requirement for a legal basis does not apply. Should a Polaria client configure the chatbot to process end-user personal data (for example, to provide a personalized service requiring their name or contact information), it would be their responsibility to ensure that this is based on a valid legal basis (e.g., the end-user's consent or the performance of a service requested by them) and to mention it in their own privacy policy. However, Polaria's standard operation does not involve such processing.

8. Retention Period

Polaria ensures that personal data is not retained longer than necessary for the purposes for which it was collected. The retention periods are defined as follows:

   Back-office Data: Your personal data related to the back-office (account information, connection logs, etc.) is retained for the entire duration of your use of our services and as long as your account is active with Polaria. In other words, we keep this information as long as you use the platform and have not deleted your account. In the event of your account deletion or prolonged inactivity, your data will either be deleted or securely archived (if longer retention is required for legal obligations or dispute resolution). For example, if you decide to close your account, we may retain certain data for the statutory limitation period or accounting obligations, but it will be deactivated from the active system and accessible only in a restricted manner. Beyond these periods, the data will be permanently deleted or anonymized.

   Chatbot Data: By default, as stated, Polaria does not store personal data from chatbot conversations. In this case, the question of retention period does not arise, as no data is retained after the interaction. Nevertheless, our platform offers each client (the company deploying a chatbot via Polaria) the option to configure the retention of certain conversation data if necessary for their use. The retention period for chatbot data is therefore configurable by each client according to their own needs and constraints. For example, a client might decide to retain conversation histories for a few days to improve their service or process requests, or to retain nothing at all. Polaria strictly applies the parameters defined by the client: if a client chooses limited retention (e.g., automatic deletion after X days), the data will be automatically deleted in accordance with that choice. In the absence of specific instructions from the client, no personal chatbot data is retained beyond the chat session.

9. Contact

If you have any questions regarding this privacy policy, or if you wish to exercise your rights regarding your personal data, you can contact our Data Protection Officer (DPO).

   Contact DPO: dpo (at) polaria (dot) ai

Polaria's DPO is responsible for ensuring the company's compliance with data protection regulations. They will respond to your requests for information or exercise of rights as quickly as possible.

We encourage our users to contact us for any requests or concerns regarding their personal data. We take the protection of your data seriously and will do what is necessary to provide a satisfactory solution. If, however, you believe that we have not adequately addressed your concerns, you also have the right to lodge a complaint with the competent supervisory authority, such as the CNIL (French Data Protection Authority) in France.