Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Jenny (GetJenny) is a Finnish AI-powered chatbot platform used by businesses to automate customer service conversations. As a Finnish company with EU-based infrastructure, GDPR applies directly and no third-country transfers are required. It is one of the most privacy-compliant AI chatbot platforms available for European organisations, with strong Nordic compliance credentials.
Jenny is an AI-powered chatbot platform developed by GetJenny, a Finnish company founded in Helsinki. It enables businesses to build, deploy, and manage AI chatbots for customer service, FAQ automation, and lead generation across websites and messaging channels. Jenny uses natural language processing to understand and respond to customer queries, with human handoff capabilities for complex cases. As a Finnish company operating under Finnish and EU law, Jenny processes all data within the EU.
Jenny collects chatbot conversation content, visitor IP addresses, browser and device information, and session identifiers. When integrated with CRM systems, it may also process customer account data to personalise responses. Conversation logs are retained for model training and quality improvement, with configurable retention periods. All data is processed on EU-based infrastructure.
Jenny''s Finnish origins give it a significant GDPR compliance advantage over non-EU AI chatbot platforms. All data processing occurs within the EU, no transfer mechanism is required, and the platform is designed with Nordic compliance standards in mind. The ePrivacy Directive still requires consent for cookies set by the chat widget, and the AI processing of conversation content should be disclosed in the privacy policy.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Consent is required before the Jenny widget script loads under the ePrivacy Directive for non-essential cookies. For conversation data when a user actively initiates a chat, legitimate interest may apply. The consent notice is simpler than for US-based alternatives as no third-country transfer needs to be disclosed.
Obtain ePrivacy consent before the widget loads. Include a privacy notice in the chat interface noting EU data storage. Sign a DPA with GetJenny. Update your privacy policy to describe AI conversation processing and EU data location. Configure conversation log retention limits. Document the processing in your RoPA noting the EU data location.
Websites using Jenny must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is generally not required for standard Jenny deployments given the EU data location. It becomes advisable when Jenny processes sensitive personal data in conversations at scale, particularly in healthcare or financial services contexts.
Sample consent text
We use Jenny to provide AI-powered chat support. Jenny processes your conversation data on servers in Finland and the EU. Please accept to enable the chat assistant.
Third-party domains contacted
getjenny.comapi.getjenny.comcdn.getjenny.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| jenny_session | session | Session | Session identifier used to maintain the active Jenny AI chatbot conversation — EU hosted |
Jenny uses cookies for user preferences — inform visitors with a consent banner.
Jenny collects chatbot conversation content, visitor IP addresses, browser and device information, and session identifiers. When integrated with CRM systems, it may process customer account data. All data is processed on EU-based servers.
Yes, for non-essential cookies before the widget loads. For conversation data when a user actively initiates a chat, legitimate interest may apply. The EU data location means no transfer disclosure is needed in the consent notice.
Consent (Art. 6(1)(a)) for cookies. Legitimate interest (Art. 6(1)(f)) for conversation data when a user actively initiates support. The EU data location simplifies the legal basis analysis compared to US-hosted alternatives.
No. Jenny is a Finnish company processing all data within the EU. No transfer mechanism is required, making it one of the most GDPR-compliant AI chatbot platforms available.
Generally not for standard deployments. A DPIA becomes advisable if Jenny processes sensitive personal data in conversations at scale, particularly in healthcare or financial services.
Obtain ePrivacy consent before loading. Include a privacy notice noting EU data storage. Sign a DPA with GetJenny. Configure retention limits. Update your privacy policy. Document the processing in your RoPA noting the EU data location.
Jenny processes all data within the EU, eliminating third-country transfer risks entirely. No SCCs or Transfer Impact Assessments are needed. This is a decisive advantage over US-based AI chatbot platforms for European organisations.
Add entries for Jenny session and functional cookies. Note EU data storage. Reference GetJenny as a processor subject to Finnish and EU data protection law. No transfer disclosure is required.