What makes AnsrFast different?

AnsrFast is more than an AI assistant that answers questions. It connects directly to your help center and toolstack to deliver instant, accurate support and autonomously resolve operational requests.

How long does it take to set up?

Setup takes only a few minutes. Connect your help center, let AnsrFast sync your content, define the actions the AI is allowed to perform, and embed it in your product or website.

Is it safe to allow the AI to act in our system?

Yes. AnsrFast is built with a strict safety and permissions layer. You decide exactly what the AI can and cannot do.

Privacy Policy

Last updated: December 16, 2025

This Privacy Policy explains how SUMPLER (“we”, “us”, “our") processes personal data when:

(a) you visit our website https://www.ansrfast.com;

(b) you create or use an AnsrFast account as a business user (administrator, agent, or authorized user of a Customer account); or

IMPORTANT – END USERS OF OUR CUSTOMERS’ EMBEDDED CHATBOT

If you are an end user interacting with a chatbot embedded on a Customer’s website/help center (the “Embedded Chat”), the Customer is typically the data controller for that interaction and SUMPLER (AnsrFast) processes end-user personal data on the Customer’s behalf as a data processor. In that context, the Customer’s privacy notice applies. This Privacy Policy does not replace the Customer’s privacy notice for end-user interactions.

1) Who we are (Data Controller for this Privacy Policy)

Data Controller:

SUMPLER

15 Rue des Halles, 75001 Paris, France

Email: contact@ansrfast.com

SUMPLER develops and operates AnsrFast, a platform that enables businesses to create and manage AI chatbots for customer support and to handle written conversations with end users.

2) Scope

This Privacy Policy applies to personal data processed by SUMPLER as a controller for:

Website visitors (www.ansrfast.com)
Business users of the AnsrFast application (account owners/admins/agents)
Support and communications with us
Authentication flows (including Google Sign-In)
Billing and subscription administration
Product usage analytics (as configured)

For end users interacting with a Customer’s Embedded Chat:

The Customer is the controller.
SUMPLER (AnsrFast) acts as a processor on the Customer’s behalf under a Data Processing Addendum (DPA).
End users should consult the Customer’s privacy notice and contact the Customer to exercise privacy rights.

3) Personnal data we collect (as Controller)

3.1 Account and Profile Data (business users)

Name
Email address
Password hash (we never store the plain password)
Company name (optional)
Profile picture (if provided)
Role/permissions (admin/agent)

3.2 Google Sign-In / OAuth Data (business users)

If you choose Google Sign-In, we receive:

Google account email
Basic profile information (name, profile photo)
Google user ID
OpenID Connect tokens strictly necessary for authentication

Scopes requested: openid, email, profile (minimum needed for authentication only).

We do not request access to Gmail, Drive, Calendar, Contacts, Photos, YouTube, or sensitive Google scopes.

We comply with the Google API Services User Data Policy (including Limited Use requirements) for Google OAuth data.

3.3 Usage Data (website/app)

Collected automatically when you access the Service:

IP address
Device and browser information
Pages viewed and actions performed
Timestamps, logs, and error reports
Referrer information
Approximate location (country-level) derived from IP

3.4 Support & Communications

When you contact us, we may process:

Your contact details
The content of your message
Any information you choose to share for troubleshooting

3.5 Billing & Payment Data

Payments may be processed by payment providers (e.g., Stripe). We may receive:

Billing name/email
Billing address (if required for invoicing)
Subscription status and payment history
Limited card metadata (e.g., last 4 digits, from the payment provider)

Payment card details are stored by the payment provider, not by us.

3.6 Cookies & Analytics

We may use privacy-friendly analytics tools (e.g., Plausible) and/or other analytics depending on configuration.

We do not use analytics for targeted advertising.

4) End-user data processed on behalf of customers (Processor context)

When a Customer embeds the AnsrFast chatbot, SUMPLER may process certain end-user data on the Customer’s behalf, such as:

Conversation content (messages) and metadata (timestamps, conversation IDs)
End-user identity attributes provided by the Customer via a snippet (e.g., first name, last name, email, profile picture or URL, user ID)
Technical data (IP address, user-agent, logs/events)

In this context:

The Customer determines the purposes and means of processing (support operations).
SUMPLER processes data only to provide the Service and according to the Customer’s instructions under the DPA.
End users should contact the Customer to exercise rights (access, deletion, objection, etc.). If an end user contacts SUMPLER directly, we may redirect the request to the relevant Customer where legally permitted and reasonably possible.

5) How we use personal data (as Controller)

We use personal data to:

Provide and operate the Service (account creation, authentication, session management)
Manage subscriptions, billing, and invoicing
Provide support and respond to inquiries
Ensure security, prevent abuse, and monitor reliability
Improve product performance and user experience (using aggregated metrics where possible)
Comply with legal obligations

6) Legal bases (GDPR)

We rely on:

Contract performance (to provide and support the Service)
Legitimate interests (security, fraud prevention, product reliability, business operations)
Consent (where required for optional cookies/marketing communications)
Legal obligation (e.g., accounting, compliance requests)

7) Data sharing (as Controller) & Service providers

We share data only with service providers acting on our behalf, only as necessary, and under appropriate contractual safeguards.

Examples of service provider categories may include:

Hosting/infrastructure and CDN (e.g., Vercel, Cloudflare)
Database hosting (e.g., Neon on AWS EU regions)
Email delivery (e.g., Resend)
Real-time messaging infrastructure (e.g., Ably)
Background jobs/automation (e.g., Trigger)
Payment processing (e.g., Stripe)
Analytics (e.g., Plausible and/or others depending on configuration)

We do not sell personal data.

8) International transfers

Your data may be processed in countries outside your country of residence, including outside the EU/EEA. Where required, we rely on appropriate safeguards such as:

Standard Contractual Clauses (SCCs),
adequacy decisions (where applicable),
and additional technical/organizational measures.

9) Data retention

We retain personal data only as long as necessary for the purposes described above, including:

Account data: for as long as the account is active, and for a limited period thereafter as necessary for legal, security, or dispute purposes.
Logs: retained for security and diagnostics for a limited period.
Billing data: retained as required by applicable accounting/tax laws.

End-user conversations (Processor context)

Conversation data processed on behalf of Customers is retained according to our DPA and the Customer’s instructions. Our current default retention for conversation messages is for the life of the Customer account and for one (1) year after account deletion, unless earlier deletion is requested by the Customer and is reasonably feasible.

10) Security

We implement appropriate technical and organizational measures, including:

HTTPS/TLS encryption in transit
Secure password hashing
Access controls and least privilege
Monitoring and incident response
Use of reputable infrastructure providers

No system is perfectly secure, but we continuously work to protect data.

11) Your rights

11.1 GDPR rights (for business users / website visitors)

Depending on your location and applicable law, you may have rights to access, correct, delete, restrict, object, and request portability. You may also withdraw consent where processing is based on consent.

To exercise these rights, contact: contact@ansrfast.com

11.2 End users of a Customer’s Embedded Chat

End users should contact the Customer (the controller) to exercise rights regarding end-user chat data. If you contact us, we may redirect your request to the Customer.

11.3 California (CCPA/CPRA)

If applicable, you may have rights to know, access, delete, correct, and opt out of sale/sharing (we do not sell personal data). Contact: contact@ansrfast.com

12) Children

AnsrFast is not intended for children under 13 (or 16 where applicable). We do not knowingly collect data from children.

13) Third-party links

Our Service may link to third-party websites/services. Their privacy practices are governed by their own policies.

14) CHANGES

We may update this Privacy Policy. We will post updates and revise the “Last updated” date.

15) CONTACT

Privacy questions or requests: contact@ansrfast.com