diff --git a/app/controllers/base_chats_controller.rb b/app/controllers/base_chats_controller.rb
index 73d3acc1..779365b8 100644
--- a/app/controllers/base_chats_controller.rb
+++ b/app/controllers/base_chats_controller.rb
@@ -38,6 +38,8 @@ def create # DELETE /chats/1 or /chats/1.json def destroy + authorize @chat + @chat.destroy! respond_to do |format|
diff --git a/app/policies/chat_policy.rb b/app/policies/chat_policy.rb
new file mode 100644
index 00000000..b2b89c48
--- /dev/null
+++ b/app/policies/chat_policy.rb
@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+class ChatPolicy < ApplicationPolicy
+ attr_reader :user, :chat
+
+ def initialize(user, chat)
+ @user = user
+ @chat = chat
+ end
+
+ def create?
+ true # Users can create chats
+ end
+
+ def show?
+ true # Users can view chats (may need to restrict this later)
+ end
+
+ def update?
+ user.admin? || chat.user_id == user.id
+ end
+
+ def edit?
+ update?
+ end
+
+ def destroy?
+ user.admin? || chat.user_id == user.id
+ end
+end
diff --git a/app/views/chats/show.html.erb b/app/views/chats/show.html.erb
index 3fef78f2..0e0b29f9 100644
--- a/app/views/chats/show.html.erb
+++ b/app/views/chats/show.html.erb
@@ -8,13 +8,15 @@ <%= link_to (@chat.first_message ? @chat.first_message.truncate(100) : "Chat"), @chat %> -
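Review bot: `authorize @chat` is added only to `destroy`, while the new ChatPolicy also defines `update?`, `edit?` and `show?`; whether the `update`, `edit` and `show` actions of this controller call `authorize` is outside the hunk, so the ownership check may currently be enforced on delete alone. If this is Pundit, adding `after_action :verify_authorized` to the base controller makes any action that forgets `authorize` fail loudly rather than silently permitting the request, and a `rescue_from Pundit::NotAuthorizedError` handler that redirects or renders 403 is needed so a denied delete does not surface as a 500 (neither is visible in this diff). The `authorize` call also assumes `@chat` was loaded by a before_action that is not shown here. The body of `destroy` continues outside the hunk.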
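Review bot: `update?` and `destroy?` call `user.admin?` and `user.id` with no guard for a nil `user`, so an unauthenticated request that reaches the policy raises NoMethodError (a 500) instead of a clean denial, unless authentication is enforced before authorization, which this diff does not show. The two methods also repeat the same ownership expression; extracting it into one private predicate with a nil guard fixes both and lets `destroy?` read like `edit?` already does. The explicit `initialize` and `attr_reader :user, :chat` likely duplicate what a generated Pundit `ApplicationPolicy` provides via `user`/`record` (that base class is outside the diff). `show?` returning true for every caller is acknowledged in its own comment; the same nil guard will be needed once it is tightened.

```ruby
class ChatPolicy < ApplicationPolicy
  # … unchanged: attr_reader, initialize, create?, show?, edit? …

  def update?
    owner_or_admin?
  end

  def destroy?
    owner_or_admin?
  end

  private

  # Deny outright when there is no authenticated user; otherwise allow
  # admins and the chat's owner.
  def owner_or_admin?
    return false unless user

    user.admin? || chat.user_id == user.id
  end
end
```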
- <%= button_to @chat, method: :delete, data: { confirm: 'Are you sure?' }, class: 'text-red-500 hover:text-red-800 flex items-center' do %> - - - - <% end %> -
+ <% if policy(@chat).destroy? %> +
+ <%= button_to @chat, method: :delete, data: { turbo_confirm: 'Are you sure you want to delete this chat? This action cannot be undone.' }, class: 'text-red-500 hover:text-red-800 flex items-center' do %> + + + + <% end %> +
+ <% end %> <% if @chat.webhook %>