Privacy & Security Policy

Personal Information:

• Name and username
• Email address
• Phone number (optional)
• User profile information

Technical Information:

• IP address and approximate geographic location
• Browser and device information
• Cookies and tracking technologies
• Server logs and system activities

Business Information:

• Business name and type
• Assistant knowledge base content
• Assistant settings and configurations
• Performance statistics and reports

Service Provision:

• Setting up and managing AI assistants
• Processing and responding to user requests
• Providing technical support and customer service
• Improving service quality and performance

Analysis and Optimization:

• Analyzing usage patterns
• Improving AI algorithms
• Providing performance reports and statistics
• Developing new features

Security and Protection:

• Detecting and preventing suspicious activities
• Protection against cyber attacks
• Ensuring data integrity

Encryption:

• AES-256 encryption for stored data
• TLS 1.3 encryption for data transmission
• End-to-end encryption for sensitive messages

Access Control:

• Two-factor authentication (2FA)
• Role and permission management
• Continuous access monitoring
• Logging of all activities

Secure Infrastructure:

• Secure servers with valid certificates
• Automatic and continuous backups
• 24/7 system security monitoring
• Regular security updates

Messaging Platforms:

• Telegram: In compliance with Telegram's Privacy Policy, only essential information for bot functionality is received
• Bale: Secure connection with compliance to Bale's privacy policies
• WhatsApp: Using WhatsApp Business API in compliance with Meta's policies

Cloud Services:

• Using trusted providers compliant with SOC 2 standards
• Data Protection Agreements (DPA) with all partners
• No data sharing without explicit consent

Analytics Services:

• Google Analytics (anonymous and privacy-preserving)
• Performance monitoring services
• Security analysis tools

Connection Terms:

• Informed user consent before any connection
• Complete explanation of requested permissions
• Ability to revoke connection at any time
• Monitoring of authorized activities

Requested Permissions:

• Telegram: Send and receive messages, bot management
• Bale: API access, message sending
• WhatsApp: WhatsApp Business API access

User Control:

• View all active connections in user panel
• Instant access revocation with one click
• History of performed activities
• Access level settings for each platform

Account Deletion:

• Complete information deletion within 30 days
• Disconnection from all external platforms
• Deletion confirmation sent to user email
• Recovery option available for 30 days after deletion

Right to Access:

• View all stored personal information
• Receive complete copy of your data
• Information about how data is used

Right to Rectification:

• Edit personal information
• Update privacy settings
• Correct inaccurate information

Right to Erasure:

• Request complete account deletion
• Delete specific parts of information
• Withdraw previous consents

Right to Data Portability:

• Receive data in usable format
• Transfer information to another service
• Backup settings

Right to Object:

• Object to specific data processing
• Request stop of promotional emails
• Complain to regulatory authorities

Active Information:

• As long as account remains active
• Maximum 5 years without activity
• Extension possible with re-login

Backup Information:

• 30 days after account deletion
• 6 months for financial information
• 1 year for security logs

Legal Information:

• According to country's legal requirements
• Maximum 7 years for financial documents
• Retention for defense against claims

Automatic Deletion:

• Temporary logs: 90 days
• Cookies: 1 year
• Anonymous statistics: 2 years

Notification:

• Email to all active users
• Notification in user panel
• Publication on website and social media

Implementation Period:

• 30 days for regular changes
• 7 days for emergency security changes
• Immediate for legal requirements

User Rights:

• Object to changes
• Request account deletion before implementation
• Receive additional explanations

Previous Versions:

• Access to previous policy versions
• Compare changes made
• Complete change history