User Terms

Last Updated: October 2025 1. Introduction BotMax AI (“we”, “our”, “us”) provides automation, CRM, and communication software, including WhatsApp Business API integrations, customer-support flows, and embedded signup tools. This Privacy Policy explains what data we collect through our websites, apps, and integrations (the “Services”), how we use it, and your choices. By using BotMax AI or connecting any Meta Product (e.g. WhatsApp, Facebook Page, Instagram Account) through our platform, you agree to this Privacy Policy and the Meta Platform Terms, Developer Policies, and all applicable laws. 2. Data We Collect We collect and process the following categories of information: a. Account Information Name, email address, phone number, business name, and login credentials you provide when registering. Authentication tokens and IDs obtained when you authorize our platform via Meta’s Login or WhatsApp Business API. b. Platform Data (from Meta Products) When you connect Meta Products to BotMax AI, we may receive: Business Account ID, WhatsApp Number ID, phone number, and conversation metrics. Page ID, Page Name, messages, message status, and contact info permitted by you through Meta’s API. Only the fields explicitly authorized via Meta’s App Review process. We do not collect, store, or use personal messages from end-users beyond what is necessary to deliver or analyze the communication. c. Usage & Technical Data IP address, browser type, operating system, device identifiers. Actions within the dashboard (login time, API usage, campaign performance). Cookies or similar technologies to maintain sessions and analytics. 3. How We Use Data We process data strictly for: Operating and improving our Services (e.g. message delivery, analytics). Providing technical support and resolving user issues. Complying with Meta’s Platform Policies and audit requirements. Ensuring security, preventing abuse or unauthorized access. Legal compliance under applicable laws and platform terms. We never sell, license, or rent Platform Data. 4. Legal Basis for Processing We process data under one or more of the following bases: Your consent (when connecting Meta accounts or submitting forms). Performance of a contract (providing requested automation services). Legitimate interest (security, platform maintenance, improving features). Legal obligation (responding to lawful requests). 5. Sharing of Data We may share data only as permitted by Meta Policies and law: Purpose Recipient Safeguards Infrastructure hosting Reputable cloud providers (e.g. AWS) Encrypted storage, restricted access Service Providers Developers, email or SMS vendors Written agreements limiting use to BotMax AI services Meta Platforms Via approved APIs only In accordance with Meta’s Platform Terms Legal requirements Regulators / authorities Only when legally required We do not share or resell Platform Data to third parties for advertising or profiling. 6. Data Retention and Deletion We retain Platform Data only as long as required for legitimate business purposes or to comply with law. If you disconnect your Meta account or request deletion, associated Platform Data is deleted within 30 days unless law requires otherwise. End-users may request deletion by emailing [email protected] or through our in-app settings. Logs and anonymized analytics may be retained without personal identifiers. 7. User Rights Depending on your jurisdiction, you may: Access, correct, or delete your data. Withdraw consent at any time. Request export of your data. To exercise these rights, email [email protected] with “Data Request” in the subject line. 8. Data Security We implement administrative, physical, and technical safeguards that meet or exceed industry standards: Encrypted storage and transmission (HTTPS / TLS 1.2+). Role-based access control and tokenized authentication. Regular security audits and vulnerability patching. If a data incident occurs, we notify Meta and affected users in accordance with Meta Terms and law. 9. Service Providers and Sub-Processors All vendors and contractors must: Process Platform Data solely under our direction; Maintain equivalent security standards; and Delete all Platform Data upon contract termination. We remain responsible for their compliance. 10. International Transfers Data may be processed in or transferred to countries where we or our vendors operate (e.g. United States, India, Singapore). When transferring EEA/UK data, we rely on Standard Contractual Clauses (SCCs) and the UK Addendum, consistent with Sections 10A–10C of Meta’s Platform Terms. 11. Children’s Privacy BotMax AI is not intended for children under 13 years of age. We do not knowingly collect their data. If you believe we have, contact us for deletion. 12. Changes to This Policy We may update this Privacy Policy to reflect operational or legal changes. Updated versions will be posted at https://botmaxai.com/privacy with a revised date. Continued use of our Services after updates means acceptance of the revised policy. 13. Contact Us For privacy or data-protection inquiries: BotMax AI Technologies Private Limited Email: [email protected] Address: 1st Floor, Sector 63, Noida, UP 201301, India ✅ Reviewer Checklist Alignment ☑ Public URL, non-geoblocked, accessible by Meta crawlers. ☑ Explains what data is collected, how it is used, retention & deletion. ☑ Explicit statement of compliance with Meta Platform Terms and law. ☑ User rights & contact method clearly listed. ☑ No contradictions with Meta Terms of Service.