This section details how you can use Gus services to facilitate compliance with privacy laws, including but not limited to the European GDPR privacy regulation. Retention: Certain privacy laws may require that you only retain the personal data your chatbot collects for the period necessary to achieve the purpose for which the data was collected. Gus only retains personal data for the period you indicate. If such period is not stated, Gus will retain personal data for a period of nine months, after which the personal data is deleted. Specific consent: Certain privacy laws require that whenever a data subject, for example, your customer or your website visitor, is about to submit their personal information, the data controller, for example, your company, has to ensure that the data subject has provided consent. The GDPR states that such consent must be freely given, specific, informed and unambiguous, and controllers must use clear and plain legal language that is “clearly distinguishable from other matters.” In addition, the GDPR requires the data subject to indicate agreement by a clear affirmative statement or action. Your customer cannot be forced to consent or be unaware that they are consenting to the processing of their personal data. They must also know exactly what they are consenting to and must be informed in advance of their right to withdraw that consent. Obtaining consent requires a positive indication of agreement; it cannot be inferred from silence or previously checked boxes. Gus's chatbot can provide the function to obtain consent and, if required by the data subject, Gus has procedures in place to withdraw such consent. With Gus, you can ensure the chatbot clearly and specifically asks for consent to use the information it collects. Records: The consent granted by the data subject in the Gus chatbot is recorded so that you can obtain and show said consent to the requesting authority if audited. Data subject rights: Gus has procedures in place for data subjects to exercise their rights, e.g. the right to be forgotten, data portability, etc., as set out in the GDPR. The data subject's request will be dealt with within the timescales set out in the GDPR or applicable law. Disclaimer: This website is not intended to provide legal advice. You should not rely on this website for legal advice, or as a recommendation as to any particular legal understanding. Our goal is to provide background information to help you understand how Gus addresses some important legal points. This information is not the same as legal advice in which a lawyer applies the law to your particular circumstance. Therefore, we suggest you consult a lawyer for help in interpreting this information, including its accuracy. Information security: Protecting the information of our customers, suppliers, visitors and employees is Gus' number 1 priority. To learn about our approach, you can consult our Information Security Policy at https://gus.chat/politica-de-seguridad-de-la-informacion/