Privacy Policy

Last Updated: October 27, 2025

Introduction

The Sophia Project respects your privacy. This Privacy Policy describes what data we collect, how we use it, and what rights you have.

Data We Collect

1. Visit Analytics

We use Google Tag Manager and Facebook Pixel to collect anonymous visit statistics:

  • Pages you view
  • Time spent on the site
  • Source of referral to the site
  • Device type and browser
  • Approximate location (country/city)

Purpose: To understand how visitors use the site in order to improve content and navigation.

Legal Basis: Legitimate interest in improving the service.

2. Comments (Disqus)

If you leave a comment through Disqus, the Disqus Privacy Policy applies.

Disqus may collect:

  • Your name and email (if you provide them)
  • Comment content
  • IP address
  • Cookies for service functionality

Management: You can delete your comments at any time through the Disqus interface.

3. Chat with Sophia (Authentication)

To use the chat with AI "Sophia," authentication through AWS Cognito is required:

We collect:

  • Email address (for user identification)
  • Access tokens (for secure authorization)
  • Content of conversations with Sophia (all messages and responses are logged)

Conversation Logging:

  • All questions and answers in the chat are saved in Lambda function logs (AWS CloudWatch)
  • The project administrator has access to these logs
  • Purpose: monitoring response quality, research, system improvement
  • Retention: up to 30 days, then automatically deleted

Important: Do not use the chat to discuss confidential, personal, or sensitive information.

Purpose: Prevent abuse, improve AI quality, research purposes.

Legal Basis: Necessity for providing the service and protection against abuse.

4. Rate Limiting

We use AWS DynamoDB to store information about request limits:

  • User email
  • Number of chat requests per day
  • Time of last request

Data is automatically deleted after 24 hours.

Purpose: Protection against abuse and API cost control.

5. Server Logs

The web server automatically records:

  • IP address
  • User-Agent (browser type)
  • Requested URLs
  • Date and time of request

Retention: Up to 30 days, then automatically deleted.

Purpose: Technical diagnostics and security.

Cookies

We use cookies for:

  1. Google Tag Manager — analytics (third-party cookies)
  2. Facebook Pixel — analytics and advertising targeting (third-party cookies)
  3. Disqus — comment functionality (third-party cookies)
  4. AWS Cognito — authentication token storage (functional cookies)

Cookie Management: You can disable cookies in your browser settings, but this may limit site functionality (for example, chat will not work).

How We Use Data

  • Site Improvement — analyzing user behavior to optimize content
  • Service Provision — chat with Sophia, comments
  • Security — protection against spam and abuse
  • Technical Support — problem diagnostics

We DO NOT:

  • Sell your data
  • Transfer data to third parties (except service providers: Google, Facebook, Disqus, AWS)
  • Use data for marketing without your consent

Third Parties

We use the following services:

Service Purpose Privacy Policy
Google Tag Manager Analytics Privacy Policy
Facebook Pixel Analytics Privacy Policy
Disqus Comments Privacy Policy
AWS (Cognito, Lambda, DynamoDB) Authentication, hosting Privacy Policy
Disqus API Comment count Privacy Policy

Your Rights (GDPR)

If you are located in the European Union, you have the following rights:

  • Right to Access — request a copy of your data
  • Right to Rectification — correct inaccurate data
  • Right to Erasure — delete your data ("right to be forgotten")
  • Right to Restriction of Processing — restrict data usage
  • Right to Data Portability — receive data in a machine-readable format
  • Right to Object — object to data processing

How to Exercise Your Rights: Email contact@thesophia.ai with the subject "GDPR Request".

Data Security

We take measures to protect your data:

  • Encryption — HTTPS across the entire site
  • AWS Security — using secure AWS services
  • Data Minimization — we collect only what is necessary
  • Automatic Deletion — temporary data is automatically deleted

However, no method of data transmission over the internet is 100% secure.

Policy Changes

We may update this policy. The date of the last update is indicated at the top of the page.

In case of significant changes, we will publish a notice on the site's home page.

Contact

For privacy questions:

Email: contact@thesophia.ai
Subject: "Privacy Policy"

Disclaimer (Sophia Chat)

Important: The chat with AI "Sophia" is provided "as is" for research purposes.

  • Sophia is an AI model, not a human
  • Responses may contain inaccuracies or errors
  • Do not use the chat for medical, legal, or financial advice
  • We are not responsible for decisions made based on conversations with Sophia

By using the chat, you agree to these terms.

Thank you for visiting the Sophia Project!