Privacy Policy

1. Introduction

Dailo ("we," "our," or "us") provides AI-powered chatbot services through Meta's messaging platforms including WhatsApp Business API, Facebook Messenger, and Instagram Direct Messages. This Privacy Policy explains how we collect, use, process, and protect your personal information when you interact with our services.

2. Information We Collect

2.1 Information You Provide

• Messages and Communications: Content of messages sent through WhatsApp, Facebook Messenger, or Instagram Direct Messages
• Contact Information: Phone numbers, email addresses, and names when provided
• Preferences: Communication preferences and settings
• Business Information: Company details for business accounts

2.2 Information Automatically Collected

• Meta Platform Data: User IDs, profile information, and access tokens from Facebook, Instagram, and WhatsApp
• Technical Data: IP addresses, device information, browser type, and usage patterns
• Conversation Metadata: Message timestamps, delivery status, and engagement metrics

2.3 Information from Third Parties

• Meta Platforms: Profile information and messaging data from Facebook, Instagram, and WhatsApp APIs
• Business Clients: Customer information provided by businesses using our services

3. How We Use Your Information

3.1 Primary Purposes

• AI Chat Processing: Analyzing and responding to messages using artificial intelligence
• Service Delivery: Providing automated customer service and support
• Platform Integration: Facilitating communication across Meta's messaging platforms
• Conversation Management: Maintaining context and conversation history

3.2 Secondary Purposes

• Service Improvement: Enhancing AI response quality and platform functionality
• Analytics: Generating usage statistics and performance metrics
• Technical Support: Troubleshooting and customer assistance
• Legal Compliance: Meeting regulatory and legal obligations

4. Data Processing and AI Services

4.1 Artificial Intelligence Processing

• Messages are processed by AI systems to generate automated responses
• We use third-party AI services including Google Gemini
• AI processing may involve temporary data storage for response generation
• We do not use customer conversations to train AI models without explicit consent

4.2 Data Processors and Service Providers

We work with the following categories of service providers who may access your data:

• Cloud Infrastructure: Amazon Web Services (AWS) for hosting and data processing
• AI Services: Google Gemini for natural language processing
• Database Services: AWS for data storage
• Analytics Tools: Google Analytics for performance monitoring
• Security Services: Cloudflare for data protection

5. Data Sharing and Transfers

5.1 Third-Party Sharing

• Meta Platforms: Data sharing as required for WhatsApp, Facebook, and Instagram integration
• Business Clients: Conversation data shared with businesses you interact with
• Service Providers: Data processed by our technical partners listed above
• Legal Requirements: Data shared when required by law or legal process

5.2 International Transfers

• Data may be processed in countries outside Georgia, including the United States and European Union
• We implement appropriate safeguards for international data transfers
• Data transfers comply with applicable data protection laws

6. Data Retention

6.1 Retention Periods

• Active Conversations: Retained for 30 days after last interaction
• Completed Conversations: Retained for 6 months for service improvement
• Account Information: Retained while account remains active
• Legal Records: Retained as required by applicable law

6.2 Data Deletion

• Automated deletion occurs after retention periods expire
• Manual deletion available upon user request
• Technical deletion from all systems and backups

7. Your Rights and Choices

7.1 Access and Control

• Access: Request copies of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Opt-out: Unsubscribe from communications

7.2 Exercising Your Rights

• To exercise your rights, contact us at: support@dailo.ai
• We will respond to requests within 30 days
• Identity verification may be required for security purposes

8. Data Security

8.1 Security Measures

• Encryption: Data encrypted in transit and at rest
• Access Controls: Restricted access to authorized personnel only
• Monitoring: Continuous security monitoring and threat detection
• Incident Response: Established procedures for security incidents

8.2 Data Breach Notification

• Users will be notified of significant data breaches within 72 hours
• Appropriate authorities will be notified as required by law
• Mitigation steps will be taken immediately upon discovery

9. Legal Basis for Processing

We process your personal data based on:

• Legitimate Interest: Providing AI chatbot services and platform integration
• Consent: When you agree to specific processing activities
• Contract Performance: Fulfilling our service agreements
• Legal Compliance: Meeting regulatory requirements

10. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it immediately.

11. Government Requests and Legal Compliance

11.1 Our Policies

• Legal Review: All government requests undergo legal review
• Challenge Process: We challenge unlawful or overly broad requests
• Data Minimization: We disclose only the minimum information necessary
• Documentation: All requests and responses are properly documented

11.2 Transparency

We have not disclosed user data in response to national security requests in the past 12 months. If this changes, we will update our transparency reporting accordingly.

12. Contact Information

For privacy-related inquiries, data subject requests, or concerns about this policy, please contact us using the information above.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through:

• Email notification to registered users
• Notice on our website
• In-app notifications where applicable

Continued use of our services after changes constitutes acceptance of the updated policy.

14. Governing Law

This Privacy Policy is governed by the laws of Georgia and applicable international data protection regulations. Any disputes will be resolved in Georgian courts.