Privacy Policy

Introduction

Kuar.ai ("we," "our," or "us") provides an AI-powered customer service automation platform that enables businesses to communicate with their customers through WhatsApp Business API and other messaging channels. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

We are committed to protecting your privacy and ensuring transparency about our data practices. By using our services, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Business Client Information

When businesses register for our platform, we collect:

• Business name, contact information, and billing details
• WhatsApp Business Account credentials and API access tokens
• Team member information (names, email addresses, roles)
• Business configuration data (operating hours, services offered, menu items, etc.)

1.2 Platform Data from WhatsApp

To provide our AI automation services, we process the following data from WhatsApp Business API:

• Message content (text, images, documents, audio, video) sent between businesses and their customers
• Customer contact information (phone numbers, names, profile pictures)
• Message metadata (timestamps, delivery status, read receipts)
• Conversation history and context

Important: This data belongs to our business clients and their customers. We act as a data processor on behalf of our clients.

1.3 Usage and Technical Data

• Log data (IP addresses, browser type, access times)
• Device information and operating system
• Performance metrics and error reports
• Feature usage statistics

2. How We Use Platform Data

We use Platform Data (information obtained from WhatsApp and other messaging platforms) exclusively to provide our AI automation services on behalf of our business clients:

2.1 AI-Powered Customer Service

• Reading and analyzing customer messages to understand intent and context
• Generating automated responses to customer inquiries
• Processing customer requests (bookings, orders, information requests)
• Sending relevant information, files, and confirmations to customers

2.2 Service Delivery

• Maintaining conversation history for context and continuity
• Routing messages to appropriate AI agents or human operators
• Managing customer interactions across multiple channels
• Providing analytics and insights to business clients

2.3 Platform Improvement

• Improving AI model accuracy and response quality
• Identifying and fixing technical issues
• Developing new features and capabilities

We do NOT use Platform Data for:

• Advertising or marketing purposes
• Selling or sharing with third parties
• Training AI models for other clients
• Any purpose unrelated to providing our services

3. Client Control and Data Ownership

Our business clients maintain full control and ownership of their data:

• Client Ownership: All customer conversations and data belong to our business clients, not to us
• Configuration Control: Clients configure their own AI agents, define response rules, and control what information is shared
• Access Control: Clients can access, export, or delete their data at any time
• WhatsApp Account Control: Clients maintain full control of their WhatsApp Business accounts

We act solely as a technology provider and data processor. The business-customer relationship remains between our client and their customers.

4. Data Sharing and Disclosure

We share information only in the following limited circumstances:

4.1 With Business Clients

We provide our business clients with access to their own customer conversations and analytics through our platform dashboard.

4.2 Service Providers

We work with trusted third-party service providers who assist us in operating our platform:

• Cloud hosting providers (for infrastructure)
• AI/ML service providers (OpenAI, Google) for natural language processing
• Payment processors (for billing)
• Analytics and monitoring services

These providers are contractually obligated to protect data and use it only for providing their specific services.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred to the acquiring entity.

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security audits and vulnerability assessments
• Employee training on data protection practices
• Incident response procedures

While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain data for as long as necessary to provide our services and comply with legal obligations:

• Active Accounts: Conversation data is retained while the business account is active
• Closed Accounts: Data is deleted within 90 days of account closure, unless required for legal compliance
• Backup Data: Backup copies are retained for disaster recovery purposes and are deleted according to our backup retention schedule

Business clients can request deletion of specific data at any time through their account settings or by contacting support.

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data
• Portability: Request a copy of your data in a portable format
• Objection: Object to certain processing activities
• Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@kuar.ai or through your account settings.

8. International Data Transfers

Our services are hosted on cloud infrastructure that may be located in different countries. When we transfer data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses or other legally approved mechanisms.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. Third-Party Links

Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by:

• Posting the updated policy on this page with a new "Last Updated" date
• Sending email notifications to registered business clients
• Displaying a prominent notice on our platform

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: