Legal Documents

Privacy Policy

How we collect, use, and protect your data when using our multi-channel messaging automation platform.

Last UpdatedJanuary 2026

1. Introduction

SocialAIFlow ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our multi-channel messaging automation platform (the "Service").

By accessing or using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name and email address
  • Organization/company name
  • Password (encrypted and hashed)
  • Billing information (processed securely by our payment processor)
  • Role within organization

Profile Information:

  • Profile picture (optional)
  • Timezone preferences
  • Communication preferences

User-Generated Content:

  • Messages and conversations (stored to provide automation services)
  • Flow configurations and automation rules
  • Integration credentials (encrypted at rest)
  • Notes and tags on contacts

2.2 Information Collected Automatically

Usage Data:

  • IP address and geographic location
  • Browser type and version
  • Operating system
  • Device information
  • Pages visited and features used
  • Time and date of access
  • Time spent on pages
  • Click patterns and navigation paths

Performance Data:

  • API response times
  • Error logs and crash reports
  • Message delivery status
  • Flow execution metrics

Cookies and Tracking Technologies:

  • Session cookies (required for authentication)
  • Preference cookies (remember settings)
  • Analytics cookies (understand usage patterns)
  • Marketing cookies (with your consent)

2.3 Information from Third Parties

Meta Platforms (Instagram/Facebook/WhatsApp):

When you connect your Meta business account, we receive:

  • Instagram/Facebook User ID
  • Profile information (name, username, profile picture)
  • Message content and metadata (to provide automation)
  • Contact information of users who message you
  • Conversation threads and timestamps
  • Media attachments (images, videos, files)
  • Read receipts and delivery status

Integration Partners:

  • Shopify: Store URL, product data, order information, customer data (as authorized)
  • Calendly: Booking data, availability schedules, appointment details
  • Other integrations: Data as specified during connection setup

Payment Processors:

  • Transaction history
  • Subscription status
  • Billing address
  • Payment method details (we do not store card information)

3. How We Use Your Information

3.1 To Provide Our Service

  • Process and automate messages across channels
  • Execute flow-based automation rules
  • Generate AI-powered responses
  • Sync data with integrated platforms
  • Deliver real-time notifications
  • Maintain conversation history

3.2 To Improve Our Service

  • Analyze usage patterns and optimize features
  • Debug technical issues and errors
  • Conduct A/B testing for feature improvements
  • Train and improve AI models (anonymized data only)
  • Monitor system performance and scalability

3.3 For Business Operations

  • Process payments and manage subscriptions
  • Send transactional emails (receipts, password resets)
  • Provide customer support
  • Prevent fraud and abuse
  • Comply with legal obligations

3.4 For Communication

  • Send service updates and maintenance notifications
  • Share product updates and new features (opt-in)
  • Respond to support inquiries
  • Conduct user research and surveys (with consent)

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We engage trusted third-party service providers to process data on our behalf. These providers are contractually obligated to protect your data and use it only for the purposes we specify.

Service CategoryExamplesData SharedPurpose
Messaging PlatformsMeta (Instagram, Facebook, WhatsApp)Messages, contact info, mediaMulti-channel automation
Payment ProcessingSecure Payment ProcessorTransaction data, billing infoSubscription management
AI Service ProvidersOpenAI, AnthropicMessage content (anonymized)AI reply generation

4.2 Meta Platforms Data Sharing

What we send to Meta:

  • Outgoing automated messages
  • Message templates (for WhatsApp)
  • Delivery confirmations

What we receive from Meta:

  • Incoming messages and media
  • User profile information
  • Conversation metadata
  • Delivery and read receipts

Important: We only access Meta data necessary to provide our automation service. We do not sell, share, or use Meta data for any purpose other than delivering the Service to you.

4.3 AI Processing

When generating AI-powered replies:

  • Message content is sent to AI providers (OpenAI, Anthropic)
  • Data is encrypted in transit (TLS 1.3)
  • Providers do not use your data to train their models (per API terms)
  • Conversation history is limited to last 10 messages for context
  • We do not store AI provider logs beyond what's necessary

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid court orders or subpoenas
  • Government requests
  • Protection of our rights or property
  • Prevention of fraud or security issues

5. Data Storage and Security

5.1 Security Measures

Encryption:

  • All data in transit encrypted with TLS 1.3
  • Sensitive data at rest encrypted with AES-256-GCM
  • API keys and tokens encrypted before storage
  • Passwords hashed with bcrypt (cost factor 10)

Access Controls:

  • Role-based access control (RBAC)
  • Multi-factor authentication (optional)
  • Principle of least privilege for employees
  • Regular access reviews

5.2 Data Retention

We retain your data as specified in your subscription plan. For message history, retention ranges from 30 days (Free plan) to 365 days (Agency plan). Billing records are retained for 7 years for tax compliance.

6. Your Rights and Choices

6.1 Access and Portability

You have the right to access all personal data we hold about you and export it in machine-readable format (JSON, CSV). How to exercise: Go to Settings → Privacy → Export Data, or email info@socialaiflow.com

6.2 Correction and Updates

You can update your account information, profile settings, and contact management at any time through the platform dashbaord.

6.3 Deletion (Right to be Forgotten)

You can request deletion of your account and all associated data through Settings → Privacy → Delete Account, or by emailing info@socialaiflow.com

7. Meta Platforms-Specific Policies

We comply with all Meta Platform Terms, Instagram Platform Policies, and WhatsApp Business Policies. We only utilize your Meta data to provide the automation service and do not use it for advertising, marketing, or building user profiles.

8. Automated Decision-Making

We use AI to generate automated responses and flow engine to execute workflows. You have full control over these features and can review, modify, or disable them at any time.

9. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: info@socialaiflow.com