Privacy Policy - Booking AI

Last Updated: December 2024

Welcome to Booking AI. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our booking automation service that integrates with WhatsApp Business API.

                Important: By using our service, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our service.
            

1. Information We Collect

1.1 Information You Provide

Account Information: Name, email address, phone number, business name, and other registration details
WhatsApp Business Information: WhatsApp Business Account ID, phone number ID, and API credentials
Booking Data: Customer names, contact information, booking preferences, appointment details, and communication history
Payment Information: Billing address and payment method details (processed securely through third-party payment processors)

1.2 Information Collected Automatically

Usage Data: How you interact with our service, features used, and time spent
Device Information: IP address, browser type, operating system, and device identifiers
Cookies and Tracking: We use cookies and similar technologies to enhance your experience
Log Data: Server logs, error reports, and performance metrics

1.3 WhatsApp Message Data

WhatsApp Integration: When you use our service with WhatsApp Business API, we process:

Message content sent and received through your WhatsApp Business account
Customer phone numbers and profile information
Message delivery status and timestamps
Media files (images, documents, videos) shared in conversations

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Delivery

Process and manage bookings through WhatsApp conversations
Send automated booking confirmations, reminders, and updates
Enable communication between you and your customers
Provide AI-powered chatbot responses and automation

2.2 Service Improvement

Analyze usage patterns to improve our features and functionality
Train and enhance our AI models for better automation
Conduct research and development
Troubleshoot technical issues and provide customer support

2.3 Business Operations

Process payments and manage subscriptions
Send service-related notifications and updates
Comply with legal obligations and enforce our terms
Prevent fraud and ensure platform security

2.4 Marketing (With Your Consent)

Send promotional materials about new features and services
Provide personalized recommendations
Conduct surveys and gather feedback

3. WhatsApp Business API and Meta

Third-Party Service: Our service integrates with WhatsApp Business API, which is provided by Meta Platforms, Inc.

3.1 Data Sharing with Meta

When you use our WhatsApp integration:

Message data is processed through Meta's WhatsApp Business API infrastructure
Meta may collect and process data according to their own privacy policy
End-to-end encryption applies to messages as per WhatsApp's security standards
You must comply with Meta's Terms of Service and WhatsApp Business Policy

3.2 Your Responsibilities

As a business using our service with WhatsApp:

You must obtain proper consent from your customers before messaging them
You are responsible for complying with WhatsApp Business Policy
You must provide your own privacy policy to your customers
You must handle customer data in accordance with applicable laws

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We share data with trusted third-party service providers who assist us in:

Cloud hosting and data storage (AWS, Google Cloud, etc.)
WhatsApp Business API (Meta Platforms, Inc.)
Payment processing (Stripe, PayPal, etc.)
Analytics and monitoring tools
Customer support platforms

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

4.3 Legal Requirements

We may disclose your information when required by law or to:

Comply with legal obligations, court orders, or government requests
Protect our rights, privacy, safety, or property
Investigate fraud or security issues
Enforce our Terms of Service

4.4 With Your Consent

We may share your information with other parties when you explicitly consent to such sharing.

5. Data Security

We implement robust security measures to protect your information:

Encryption: Data in transit is encrypted using TLS/SSL protocols
Access Controls: Strict access controls and authentication mechanisms
Regular Audits: Security audits and vulnerability assessments
Secure Infrastructure: Industry-standard cloud hosting with advanced security
Employee Training: Staff trained on data protection and security practices
Incident Response: Procedures in place to respond to security breaches

Note: While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

Provide our services and fulfill the purposes outlined in this policy
Comply with legal, accounting, or reporting requirements
Resolve disputes and enforce our agreements
Maintain business records and analytics

Retention Periods:

Account Data: Retained while your account is active plus 90 days after closure
Message Data: Retained for up to 1 year or as required by applicable laws
Transaction Records: Retained for 7 years for tax and legal compliance
Analytics Data: Aggregated and anonymized data may be retained indefinitely

7. Your Rights and Choices

You have the following rights regarding your personal data:

7.1 Access and Portability

Request a copy of your personal data
Receive your data in a structured, machine-readable format
Transfer your data to another service provider

7.2 Correction and Updates

Update or correct inaccurate personal information
Complete incomplete data

7.3 Deletion

Request deletion of your personal data (subject to legal obligations)
Close your account and remove associated data

7.4 Restriction and Objection

Restrict processing of your personal data in certain circumstances
Object to processing based on legitimate interests
Opt-out of marketing communications

7.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

Essential Cookies: Enable core functionality and authentication
Analytics Cookies: Understand how you use our service
Preference Cookies: Remember your settings and preferences
Marketing Cookies: Deliver relevant advertisements (with your consent)

You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

Standard Contractual Clauses approved by regulatory authorities
Adequacy decisions by relevant data protection authorities
Compliance with applicable data protection frameworks

10. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Third-Party Links

Our service may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by:

Posting the updated policy on our website
Sending an email notification to your registered email address
Displaying a prominent notice in our service

Your continued use of our service after changes become effective constitutes acceptance of the updated policy.

13. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your personal data based on:

Contract: Processing necessary to provide our services
Consent: You have given explicit consent for specific purposes
Legitimate Interests: Processing necessary for our legitimate business interests
Legal Obligation: Processing required to comply with legal obligations

14. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected, used, and shared
Right to delete personal information
Right to opt-out of the sale of personal information (we do not sell personal information)
Right to non-discrimination for exercising CCPA rights

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Support: [email protected]
Website: https://booking-ai.online

Data Protection Officer:
Email: [email protected]

We will respond to all requests within 30 days. For urgent matters, please mark your communication as "Urgent Privacy Request."