Shisa Talk
Back to Terms

Privacy Policy

Last updated: December 5, 2025

At Shisa Inc. ("Shisa", "we", "our", or "us"), we respect your privacy and are committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to personal data that we collect from or about you when you use our website, applications, and services (collectively, "Services").

Third-Party Applications: If you use our APIs or services to build applications for third parties, you are responsible for your own privacy practices and compliance with applicable laws. We are not responsible for the privacy practices of applications built using our services.

Part I: Privacy Protections

Your rights, our security practices, and how we protect your information

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account or sign up for our services
  • Request information about our products or services
  • Submit inquiries through our contact forms
  • Subscribe to our newsletters or communications
  • Participate in surveys or feedback requests

This information may include: name, email address, company name, phone number, job title, and any other information you choose to provide.

1.2 Usage Data

We automatically collect certain information when you use our services, including:

  • API usage metrics and patterns
  • Device information (browser type, operating system, IP address)
  • Log data and analytics information
  • Performance and error data

1.3 User Content

We collect personal data that you provide in the input to our services ("User Content"), including your prompts, text, audio files, images, and other content you submit through our APIs and applications, depending on the features you use.

Paid Products and API Services

For paid subscription tiers (including API access and B2C products), we do not use User Content to train or improve our AI models without your explicit written permission. Your content is processed solely to deliver the requested service.

Free Tier Services

For free tier services, we may use User Content you provide to train and improve the AI models that power our products. If you do not want us to use your Content for training purposes, please consider upgrading to a paid tier or contact us at contact@shisa.ai to discuss your options.

De-identification for Training Data

When User Content is used to create training data sets, we actively de-identify and remove personally identifiable information (PII) before inclusion in any training data. See Section 2 (De-identification of Data) for more details on our de-identification practices.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Service Delivery and Improvement

  • Providing, operating, and maintaining our AI services and APIs
  • Processing API requests and delivering results
  • Improving and optimizing our AI models and service performance
  • Developing new features and products

2.2 Customer Support

  • Responding to your inquiries and support requests
  • Troubleshooting technical issues
  • Providing customer assistance and guidance

2.3 Communication and Marketing

  • Sending service updates and technical notifications
  • Providing information about new features and products (with your consent)
  • Sending newsletters and marketing materials (you can opt-out anytime)

2.4 Analytics and Research

  • Analyzing usage patterns to improve our services
  • Conducting research to advance AI technology
  • Generating aggregated, anonymized statistics

De-identification of Data

We may aggregate or de-identify personal data so that it no longer identifies you and use this information for the purposes described above, such as to analyze the way our services are being used, to improve and add features to them, and to conduct research. We will maintain and use de-identified information in de-identified form and not attempt to re-identify the information, unless required by law.

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and analyze usage patterns. Cookies are small data files stored on your device.

Types of Cookies We Use:

  • Essential Cookies: Necessary for the website to function properly
  • Analytics Cookies: Help us understand how visitors interact with our website
  • Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect website functionality.

4. Your Rights

Depending on where you live, you may have certain statutory rights in relation to your personal data. For example, you may have the right to:

Right to Access

Access your personal data and information relating to how it is processed

Right to Correction

Update or correct your personal data

Right to Deletion

Delete your personal data from our records

Right to Portability

Transfer your personal data to a third party

Right to Restrict Processing

Restrict how we process your personal data

Right to Withdraw Consent

Withdraw your consent where consent is the legal basis for processing

Right to Object

Object to how we process your personal data

Right to Lodge a Complaint

Lodge a complaint with your local data protection authority

Exercising Your Rights

To exercise any of these rights, please contact us at contact@shisa.ai. We will respond to your request in accordance with applicable law.

A Note About Accuracy

Our AI services generate responses by predicting the words most likely to appear next based on input. In some cases, the output may not be factually accurate. If you notice that our AI output contains factually inaccurate information about you and you would like to request a correction or removal, please contact us at contact@shisa.ai.

Part II: Data Policy

How we collect, use, retain, and process your data

5. Data Retention Policies

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Account Information

Retained while your account is active and for a reasonable period after account closure for legal and business purposes.

User Content (Raw)

User Content includes prompts, text inputs, audio files, images, and other media you submit through our services. Raw User Content is processed in real-time to deliver our services. For paid tier users, raw content is generally not retained beyond the immediate processing period, except as specified in your service agreement.

Raw logs containing User Content, metadata, and access logs are retained for a maximum period of two (2) years for security, abuse prevention, and legal compliance purposes, but may be deleted earlier at our discretion.

Anonymized Training Data Sets

Where permitted under Section 1.3 (User Content), we may process User Content to create training data sets for improving our AI models. Before inclusion in any training data set, content is:

  • De-identified with personally identifiable information (PII) removed or masked
  • Aggregated or transformed to prevent re-identification

Retention: Anonymized and de-identified training data sets may be retained indefinitely as they no longer constitute personal data. We maintain technical and organizational measures to ensure this data remains de-identified and do not attempt to re-identify individuals from these data sets.

API Usage Metrics

Aggregated usage metrics and billing data are typically retained for the duration of your account plus any period required for billing reconciliation or legal compliance.

Marketing Communications

Retained until you opt-out or we determine they are no longer relevant.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Employee training on data protection practices
  • Incident response and breach notification procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Third-Party Services and Data Sharing

We do not sell your personal information or share it for cross-contextual behavioral advertising. We may share your information with third parties only in the following circumstances:

  • Service Providers: We work with trusted third-party service providers who assist us in operating our services (e.g., cloud hosting, analytics). These parties access, process, or store personal data only in the course of performing their duties to us.
  • Legal Requirements: When required by law, court order, or legal process, or to protect our rights, privacy, safety, or property.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your personal data may be transferred as part of the transaction.
  • Affiliates: We may share personal data with our affiliates, who will use it in a manner consistent with this Privacy Policy.
  • With Your Consent: When you have given us explicit permission.

Third-Party Developers Using Our APIs

When you interact with applications built by third parties using our APIs, those third parties are responsible for their own privacy practices. Information you share with third-party applications is governed by their own terms and privacy policies. We are not responsible for the data practices of third-party developers or applications built using our services. You should review their privacy policies before sharing information with them.

8. International Data Transfers

Shisa processes your personal data on servers located in various jurisdictions, including processing and storing your personal data in our facilities and servers in the United States and Japan. While data protection law varies by country, we apply the protections described in this policy to your personal data regardless of where it is processed, and only transfer that data pursuant to legally valid transfer mechanisms.

9. Children's Privacy

Our services are not directed to, or intended for, children under 13. We do not knowingly collect personal data from children under 13. If you have reason to believe that a child under 13 has provided personal data to Shisa through the services, please contact us atcontact@shisa.ai. We will investigate any notification and, if appropriate, delete the personal data from our systems. Users under 18 must have permission from their parent or guardian to use our services.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

11. Contact Us for Privacy Concerns

Privacy Questions or Concerns?

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, please contact us:

Email: contact@shisa.ai

Privacy Officer: Shisa Inc.

For general inquiries, please visit our Support page.

Back to TermsTerms & Conditions