PRIVACY POLICY
Your Data.
Our Responsibility.
Effective Date: June 1, 2025 · Last Updated: June 1, 2025 · Version 1.0
This Privacy Policy explains how AutoReply AI ("we", "our", "us"), operated by AutoReply AI (autoreplyai.in), collects, uses, stores, and protects your information when you use our mobile application and web platform. By using AutoReply AI, you agree to the terms described in this policy.
1. Information We Collect
We collect only the information necessary to provide our services:
- Account Information: Name, email address, phone number, and Google account details (via Google Sign-In)
- Business Information: WhatsApp Business number, business name, FAQ content, and menu configurations you create
- WhatsApp Message Data: Customer messages received through your connected WhatsApp Business number, processed solely to generate AI replies
- Payment Information: Plan selection and payment status. Card and banking details are processed directly by Razorpay and never stored on our servers
- Device Information: FCM device token for push notifications, device type, and operating system
- Usage Data: Message counts, feature usage, and reply logs for billing and service improvement
2. How We Use Your Information
- To power AI-generated replies to your customers' WhatsApp messages
- To authenticate your identity and manage your account securely
- To process payments and manage your subscription plan
- To send push notifications for important business events (escalations, lead detection, billing alerts)
- To send transactional emails (payment confirmations, renewal reminders) via Resend
- To enforce plan limits and prevent abuse
- To improve our AI models and service quality using anonymised, aggregated data
We do NOT use your customers' messages for advertising, profiling, or any purpose beyond generating AI replies on your behalf. We do NOT sell your data to any third party.
3. Third-Party Services We Use
| Service | Purpose | Data Shared |
|---|
| Meta / WhatsApp Cloud API | Send & receive WhatsApp messages | Business phone number, message content |
| OpenAI (GPT-4o-mini) | Generate AI replies | Customer message content (anonymised context) |
| Firebase (Google) | Auth, database, cloud functions, push notifications | Account data, usage data |
| Razorpay | Payment processing | Payment amount, plan info (no card data) |
| Resend | Transactional emails | Your email address |
Each third-party service operates under their own privacy policy and data processing agreements. We do not control their practices.
4. Data Storage & Security
- All data is stored on Google Firebase servers with industry-standard encryption at rest and in transit
- Access to your data is restricted to authenticated users only via Firebase Security Rules
- API keys and secrets are stored in Firebase Secret Manager and never exposed in client-side code
- WhatsApp webhook payloads are verified using HMAC-SHA256 signature validation before processing
- We perform regular security audits to prevent unauthorised access
5. Data Retention
- Account data is retained as long as your account is active
- WhatsApp message logs are retained for 90 days by default for debugging and audit purposes
- Payment records are retained for 7 years as required by Indian financial regulations
- On account deletion, all personal data is permanently deleted within 30 days, except where retention is legally required
6. Your Rights
- Access: Request a copy of all data we hold about you
- Correction: Request correction of inaccurate personal data
- Deletion: Request deletion of your account and associated data
- Portability: Request your data in a machine-readable format
- Objection: Object to processing of your data for specific purposes
To exercise any of these rights, contact us at support@autoreplyai.in. We will respond within 30 days.
7. Children's Privacy
AutoReply AI is a business tool intended for users aged 18 and above. We do not knowingly collect personal data from anyone under 18. If we become aware that a minor has provided us with personal data, we will delete it immediately.
8. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of AutoReply AI after changes constitutes acceptance of the updated policy.