1. Introduction

BOTBAT FOR AI APPLICATIONS AND SERVICES CO. L.L.C ("BOTBAT", "we", "us") provides AI-powered chatbot and customer engagement services through multiple messaging channels including WhatsApp Business API. This Privacy Policy explains how we collect, use, store, and protect personal data.

2. Data We Collect

When businesses use BOTBAT to communicate with their customers, we may process:

Customer contact information (phone numbers, names) as provided through messaging channels
Message content exchanged between businesses and their customers
Conversation metadata (timestamps, message status, channel information)
Device and session identifiers
Business account information and configuration data

3. How We Use Data

We process data to:

Deliver AI chatbot and messaging services on behalf of our business clients
Provide knowledge base search and automated responses
Generate conversation summaries and analytics for business clients
Improve our AI models and service quality
Comply with legal obligations

4. Data Retention

We retain data according to the following schedule:

Active conversation sessions: 24 hours from last activity
Message history: 90 days
Knowledge base content: Until manually deleted by the business client
Audit and access logs: 180 days
WhatsApp customer interaction data: 90 days

Data exceeding retention periods is automatically purged by scheduled cleanup processes.

4b. WhatsApp Business API Data Handling

As a Meta Tech Provider, we process the following data through the WhatsApp Business API:

End-user phone numbers and WhatsApp profile names
Message content (text, images, documents, location) sent and received
Message delivery and read receipts (timestamps and status)
Message template identifiers and campaign responses
Chatbot interaction data (user selections, form inputs)

WhatsApp interaction data is retained for 90 days and then automatically purged. End users may request deletion of their data at any time by contacting privacy@botbat.io.

4c. Legal Basis for Processing

We process personal data under the following legal bases pursuant to UAE PDPL (Federal Decree-Law No. 45/2021) and GDPR where applicable:

Contractual necessity: To deliver our services to business clients
Consent: For processing end-user data of individuals who interact via messaging channels
Legitimate interests: To improve our services, prevent fraud, and ensure platform security
Legal obligation: To comply with applicable laws and regulations

4d. Additional Rights Under GDPR

If you are located in the European Economic Area, you have the following additional rights:

Right to restrict processing
Right to data portability in a machine-readable format
Right to lodge a complaint with a supervisory data protection authority
Right to withdraw consent at any time

A Data Processing Agreement (DPA) is available for business clients upon request. Please contact privacy@botbat.io.

5. Data Sharing

We do not sell personal data. Data may be shared with:

Meta Platforms (as required for WhatsApp Business API operation)
Cloud infrastructure providers (for hosting and processing)
Business clients (their own customer data and analytics)

6. Security Measures

We implement appropriate technical and organizational measures including:

Encryption in transit (TLS/HTTPS)
Access control with mandatory two-factor authentication
Joiner-Mover-Leaver access management process
Regular access reviews
Audit logging of all administrative actions

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal data
Request correction of inaccurate data
Request deletion of your data
Object to or restrict processing
Data portability

To exercise these rights, contact us at: privacy@botbat.io

8. Data Deletion Requests

End users may request deletion of their data by contacting the business they interacted with, or by emailing privacy@botbat.io. We will process deletion requests within 30 days.

9. International Data Transfers

Data is primarily processed in the United Arab Emirates via Amazon Web Services (AWS). Data may be transferred to:

AWS servers in Middle East (Bahrain) and Europe (Frankfurt) regions for hosting and backup
Meta servers (United States) for WhatsApp Business API operation
Google services (United States) for AI processing

We ensure appropriate safeguards are in place for any international transfers, including Standard Contractual Clauses where applicable.

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

11. Contact Information

BOTBAT FOR AI APPLICATIONS AND SERVICES CO. L.L.C

1. Introduction

2. Data We Collect

When businesses use BOTBAT to communicate with their customers, we may process:

Customer contact information (phone numbers, names) as provided through messaging channels
Message content exchanged between businesses and their customers
Conversation metadata (timestamps, message status, channel information)
Device and session identifiers
Business account information and configuration data

3. How We Use Data

We process data to:

Deliver AI chatbot and messaging services on behalf of our business clients
Provide knowledge base search and automated responses
Generate conversation summaries and analytics for business clients
Improve our AI models and service quality
Comply with legal obligations

4. Data Retention

We retain data according to the following schedule:

Active conversation sessions: 24 hours from last activity
Message history: 90 days
Knowledge base content: Until manually deleted by the business client
Audit and access logs: 180 days
WhatsApp customer interaction data: 90 days

Data exceeding retention periods is automatically purged by scheduled cleanup processes.

4b. WhatsApp Business API Data Handling

As a Meta Tech Provider, we process the following data through the WhatsApp Business API:

End-user phone numbers and WhatsApp profile names
Message content (text, images, documents, location) sent and received
Message delivery and read receipts (timestamps and status)
Message template identifiers and campaign responses
Chatbot interaction data (user selections, form inputs)

WhatsApp interaction data is retained for 90 days and then automatically purged. End users may request deletion of their data at any time by contacting privacy@botbat.io.

4c. Legal Basis for Processing

We process personal data under the following legal bases pursuant to UAE PDPL (Federal Decree-Law No. 45/2021) and GDPR where applicable:

Contractual necessity: To deliver our services to business clients
Consent: For processing end-user data of individuals who interact via messaging channels
Legitimate interests: To improve our services, prevent fraud, and ensure platform security
Legal obligation: To comply with applicable laws and regulations

4d. Additional Rights Under GDPR

If you are located in the European Economic Area, you have the following additional rights:

Right to restrict processing
Right to data portability in a machine-readable format
Right to lodge a complaint with a supervisory data protection authority
Right to withdraw consent at any time

A Data Processing Agreement (DPA) is available for business clients upon request. Please contact privacy@botbat.io.

5. Data Sharing

We do not sell personal data. Data may be shared with:

Meta Platforms (as required for WhatsApp Business API operation)
Cloud infrastructure providers (for hosting and processing)
Business clients (their own customer data and analytics)

6. Security Measures

We implement appropriate technical and organizational measures including:

Encryption in transit (TLS/HTTPS)
Access control with mandatory two-factor authentication
Joiner-Mover-Leaver access management process
Regular access reviews
Audit logging of all administrative actions

7. Your Rights

Depending on your jurisdiction, you may have the right to:

Access your personal data
Request correction of inaccurate data
Request deletion of your data
Object to or restrict processing
Data portability

To exercise these rights, contact us at: privacy@botbat.io

8. Data Deletion Requests

End users may request deletion of their data by contacting the business they interacted with, or by emailing privacy@botbat.io. We will process deletion requests within 30 days.

9. International Data Transfers

Data is primarily processed in the United Arab Emirates via Amazon Web Services (AWS). Data may be transferred to:

AWS servers in Middle East (Bahrain) and Europe (Frankfurt) regions for hosting and backup
Meta servers (United States) for WhatsApp Business API operation
Google services (United States) for AI processing

We ensure appropriate safeguards are in place for any international transfers, including Standard Contractual Clauses where applicable.

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

11. Contact Information

BOTBAT FOR AI APPLICATIONS AND SERVICES CO. L.L.C

Menu

Privacy Policy

1. Introduction

2. Data We Collect

3. How We Use Data

4. Data Retention

4b. WhatsApp Business API Data Handling

4c. Legal Basis for Processing

4d. Additional Rights Under GDPR

5. Data Sharing

6. Security Measures

7. Your Rights

8. Data Deletion Requests

9. International Data Transfers

10. Changes to This Policy

11. Contact Information

Loading

Get in Touch

Follow Us

Privacy Policy

1. Introduction

2. Data We Collect

3. How We Use Data

4. Data Retention

4b. WhatsApp Business API Data Handling

4c. Legal Basis for Processing

4d. Additional Rights Under GDPR

5. Data Sharing

6. Security Measures

7. Your Rights

8. Data Deletion Requests

9. International Data Transfers

10. Changes to This Policy

11. Contact Information