Privacy Policy

Welcome to UAIConnector. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automated customer support bot service for Instagram and Facebook Messenger.

8 min read
Last Updated: January 17, 2025

Information We Collect

We collect different types of information depending on whether you are a business client using our service or an end user interacting with a business through our bot.

Information from Businesses (Our Clients)

  • Business name and contact information
  • Facebook Page ID and Instagram Business Account ID
  • OAuth tokens for Instagram and Messenger access
  • Business preferences and bot configuration settings
  • FAQs and knowledge base content
  • Usage statistics and analytics
  • Payment and billing information
  • Admin user accounts and credentials

Information from End Users (Customers messaging businesses)

  • Instagram or Facebook user ID
  • Messages sent to business accounts
  • Timestamp of interactions
  • Message content for customer support purposes
  • User interaction patterns with the bot
  • Language preferences

Automatically Collected Information

  • IP addresses and device information
  • Browser type and version
  • Operating system information
  • Usage patterns and interaction data
  • Performance metrics and error logs
  • Cookies and similar tracking technologies
  • API request logs and response times

How We Use Your Information

We use the collected information for specific purposes to provide and improve our automated customer support service.

Service Provision

  • Provide automated customer support services through Instagram and Messenger
  • Connect businesses with their customers seamlessly
  • Generate AI-powered responses based on business FAQs and knowledge bases
  • Maintain conversation history for quality assurance and continuity
  • Process OAuth authentication with Meta platforms
  • Manage multi-tenant architecture for multiple business clients

Service Improvement

  • Analyze usage patterns to improve bot responses
  • Enhance AI model accuracy and relevance
  • Develop new features based on client feedback
  • Optimize system performance and response times
  • Conduct A/B testing for better user experience

Security and Compliance

  • Detect and prevent fraud, abuse, and security threats
  • Comply with legal obligations and Meta platform policies
  • Enforce our Terms of Service and Acceptable Use Policy
  • Respond to legal requests and protect rights and safety
  • Maintain audit logs for security purposes

Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share information only in specific circumstances to operate our service effectively.

With Business Clients

Conversation data and analytics are shared with the business that owns the Instagram/Facebook account to help them serve their customers better.

Service Providers

We work with trusted third-party services including Google Cloud (AI and storage), Meta Platforms (Instagram/Messenger APIs), payment processors, and hosting providers. These providers are bound by confidentiality agreements.

Legal Requirements

We may disclose information when required by law, court order, or to protect rights, property, or safety of UAIConnector, our users, or others.

Business Transfers

In case of merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to different privacy policies.

With Consent

We share information when you explicitly agree to such sharing for specific purposes.

Data Security

We implement comprehensive security measures to protect your information from unauthorized access, disclosure, alteration, and destruction.

Technical Safeguards

  • End-to-end encryption for data in transit using TLS 1.3
  • AES-256 encryption for data at rest
  • Secure OAuth 2.0 implementation for Meta platform integration
  • Regular security audits and penetration testing
  • Web Application Firewall (WAF) protection
  • DDoS protection and rate limiting

Organizational Measures

  • Role-based access controls (RBAC)
  • Regular security training for employees
  • Background checks for personnel handling sensitive data
  • Incident response and breach notification procedures
  • Regular backups with disaster recovery plans
  • Vendor security assessments

Multi-Tenant Isolation

Each business client's data is completely isolated in separate environments with dedicated resources, ensuring complete privacy and preventing cross-tenant data access.

Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law.

Retention Periods

  • Business Account Data: Active account duration plus 90 days after termination
  • Conversation Data: 30 days by default (configurable by business up to 365 days)
  • OAuth Tokens: Until revoked or account termination
  • Analytics Data: 12 months rolling window
  • Payment Records: 7 years for tax and accounting purposes
  • Security Logs: 6 months for incident investigation
  • Marketing Data: Until consent withdrawn or 3 years of inactivity

Data Deletion

Upon request or retention period expiration, we securely delete or anonymize personal data using industry-standard methods, except where retention is required by law.

Your Privacy Rights

Depending on your location, you have specific rights regarding your personal information. We respect and facilitate the exercise of these rights.

Access and Portability

You have the right to request access to your personal information and receive it in a structured, commonly used, and machine-readable format.

Correction and Update

You can request correction of inaccurate or incomplete personal information we hold about you.

Deletion (Right to be Forgotten)

You may request deletion of your personal information, subject to legal exceptions such as compliance with legal obligations or defense of legal claims.

Restriction and Objection

You can request restriction of processing or object to certain uses of your personal information, including marketing communications.

Withdraw Consent

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

How to Exercise Your Rights

Contact us at axheconsultants@gmail.com or through your account dashboard. We will respond within 30 days or as required by applicable law.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver relevant content.

Types of Cookies We Use

  • Essential Cookies: Required for platform functionality and security
  • Performance Cookies: Help us understand usage patterns and improve services
  • Analytics Cookies: Track aggregated usage statistics
  • Preference Cookies: Remember your settings and customizations
  • Session Cookies: Maintain your logged-in state

Third-Party Cookies

Our service may include cookies from Meta platforms (for OAuth), Google Analytics (for usage analysis), and payment processors (for transaction security).

Managing Cookies

You can control cookies through browser settings. Note that disabling certain cookies may limit functionality. For more control, use our cookie preference center in your account settings.

International Data Transfers

As a global service, we may transfer your information across international borders with appropriate safeguards.

Transfer Mechanisms

We use Standard Contractual Clauses (SCCs), adequacy decisions, and other approved transfer mechanisms to ensure your data is protected when transferred internationally.

Data Localization Options

Enterprise clients can request data localization to keep information within specific geographic regions, subject to technical feasibility and additional fees.

Children's Privacy

Our service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child under 18, we will promptly delete it. If you believe we have information about a child, please contact us immediately.

Third-Party Services and Integrations

Our service integrates with various third-party platforms to provide comprehensive functionality.

Meta Platforms Integration

We integrate with Facebook, Instagram, and Messenger through official APIs. Your use of these features is also subject to Meta's Privacy Policy and Terms of Service.

Google Cloud Services

We use Google Cloud for AI processing, data storage, and infrastructure. Google Cloud complies with major privacy regulations and maintains appropriate security certifications.

Other Integrations

We may integrate with CRM systems, analytics platforms, and other business tools as requested by clients. Each integration is governed by respective privacy policies.

California Privacy Rights (CCPA)

California residents have additional privacy rights under the California Consumer Privacy Act (CCPA).

Right to Know

You have the right to know what categories of personal information we collect, the sources, purposes of collection, and categories of third parties with whom we share information.

Right to Delete

You may request deletion of your personal information, subject to certain exceptions.

Right to Opt-Out

We do not sell personal information. However, you have the right to opt-out of any future sale should our practices change.

Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights.

Authorized Agent

You may designate an authorized agent to make requests on your behalf. We may require verification of the agent's authority.

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes through email, in-app notifications, or prominent notice on our website at least 30 days before the changes take effect. Your continued use after the effective date constitutes acceptance of the updated policy.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us.

Privacy Team

  • Email: axheconsultants@gmail.com
  • Data Protection Officer: axheconsultants@gmail.com
  • Address: AXHE CONSULTANTS L.L.C., 25 SE 2nd Ave Ste 550 # 811, Miami, FL 33131, United States
  • Phone: +1 (555) 123-4567

Supervisory Authority

EEA residents may also contact their local data protection authority for complaints or inquiries.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email:axheconsultants@gmail.com

Address:AXHE CONSULTANTS L.L.C., 25 SE 2nd Ave Ste 550 # 811, Miami, FL 33131, United States