Shilte Privacy Policy

1. Information We Collect

We collect various types of information to provide and improve our services.

a. Information You Provide to Us:

• Business Information: Your business name, industry, and contact details provided during registration and profile setup.
• WhatsApp Account Information: Details related to your WhatsApp Business Account, including the WhatsApp phone number(s) connected to our platform via the Embedded Signup process.
• Integration Credentials/Tokens: Authentication tokens or API keys for CRM platforms (e.g., HubSpot, Zoho) and email marketing platforms that you choose to integrate with Shilte. We do not store your direct login credentials for these third-party services.
• Chatbot Content: Message templates, automated responses, and other content you configure within our platform for your chatbots.
• Communications: Records of your communications with us, including support inquiries and feedback.

b. Information We Collect Automatically:

• Usage Data: Information about how you interact with our platform, such as features used, time spent, and activities performed (e.g., number of messages sent, template usage, CRM sync activities, widget impressions).
• Technical Data: IP addresses, browser type, operating system, device identifiers, and other technical information when you access our services.
• Chatbot Logs: Logs of interactions between your customers and your WhatsApp chatbot, primarily for analytical purposes to help you improve your chatbot performance and troubleshoot issues. These logs may contain anonymized or aggregated interaction data (e.g., timestamps, conversation paths, common queries). We do not store the sensitive content of individual user messages exchanged between your customers and your WhatsApp chatbot beyond what is necessary for immediate service delivery by Twilio and Meta, and for the operation of Voiceflow logic.

2. How and Why We Use Your Information

We collect and process your information for the following purposes:

• Service Delivery and Onboarding: To set up your account, connect your WhatsApp number(s) via the Embedded Signup process, and provide you with access to our platform features. This includes facilitating messaging capabilities through Twilio and Meta's WhatsApp Business API.
• Chatbot Automation: To enable the creation, management, and deployment of your WhatsApp chatbots, including the use of message templates and integrations with chatbot logic platforms like Voiceflow.
• CRM and Email Platform Synchronization: To facilitate the flow of data between Shilte and your connected CRM (e.g., HubSpot, Zoho) or email marketing platforms, enabling seamless lead management and customer communication.
• Website Widget Functionality: To enable and manage the embedding of our chatbot widget on your website.
• Analytics and Improvement: To understand how our services are used, analyze trends, and gather insights to improve our platform's functionality, performance, and user experience. This includes optimizing chatbot performance and integration effectiveness.
• Communication: To communicate with you about your account, service updates, security alerts, and support inquiries.
• Security and Compliance: To maintain the security of our platform, detect and prevent fraud or abuse, and comply with legal obligations and Meta's platform policies.

3. Technologies and Third-Party Services We Use

Shilte utilizes a combination of technologies and integrates with third-party services to deliver its offerings:

• Firebase/Firestore: Used for database management, storing user account information, chatbot configurations, and other operational data.
• Twilio: Our primary communications platform for sending and receiving WhatsApp messages programmatically. Your WhatsApp number(s) and message routing data are processed by Twilio to enable service delivery.
• Meta (WhatsApp Business API): We integrate directly with Meta's WhatsApp Business API to facilitate the connection of your WhatsApp numbers and enable messaging capabilities. Data exchanged through this API is subject to Meta's privacy policies.
• Voiceflow: We use Voiceflow for designing, developing, and deploying chatbot logic. Interaction data relevant to the chatbot's operation may pass through Voiceflow.
• CRM Platforms (e.g., HubSpot, Zoho): If you choose to integrate, we connect with these platforms using secure API integrations to synchronize data as per your configuration.
• Email Marketing Platforms: If you choose to integrate, we connect with these platforms using secure API integrations to facilitate email-related functions.

4. How We Share Your Information

We do not sell your personal data. We share your information only when necessary to provide our services and for legitimate business purposes, and only with the following categories of third parties:

• Service Delivery Partners: Including Twilio, Meta (WhatsApp Business API), and Voiceflow, solely for the purpose of enabling message delivery, WhatsApp account connectivity, and chatbot logic processing.
• Integrated CRM and Email Platforms: Data is shared with these platforms only when you explicitly connect them to your Shilte account and configure data synchronization. The data shared is strictly limited to what is necessary for the integration to function as intended (e.g., contact information, conversation logs for CRM).
• Other Service Providers: We may engage other third-party service providers who assist us in operating our business (e.g., hosting, analytics, customer support). These providers are contractually obligated to protect your data and use it only for the purposes for which we disclose it to them.
• Legal Requirements: We may disclose your information if required by law, subpoena, or other legal process, or if we reasonably believe that such disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

5. Your User Rights

You have specific rights regarding your personal data:

• Access: You have the right to request access to the personal data we hold about you.
• Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Withdrawal of Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
• Data Portability: You may have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Objection to Processing: You may have the right to object to the processing of your personal data in certain circumstances.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section.

6. User Data Deletion Policy

At Shilte, we are committed to protecting your privacy and ensuring the security of your data. This section outlines how users of our platform can request the deletion of their personal data, in compliance with Meta's developer requirements.

a. Data Subject to Deletion:

Upon a valid data deletion request, we will initiate the deletion of the following data associated with your Shilte account:

• Business Records: Your business name, industry information, and contact details.
• WhatsApp Account Information: Your connected WhatsApp numbers and associated configurations within Shilte.
• Integration Tokens: Authentication tokens or API keys for integrated CRM and email platforms. Note: This will disconnect Shilte from these third-party services. Data residing solely within those third-party services (e.g., your CRM data) would need to be deleted directly with those providers.
• Chatbot Content & Logs: Your customized message templates, automated responses, chatbot logic, and associated chatbot interaction logs (which are primarily anonymized or aggregated).
• Usage Data: Historical data on your platform usage.

Please note that some data is stored in **Firebase/Firestore**, **Twilio**, and potentially the **third-party CRM and email services** you have integrated with. Deletion requests will be processed across all relevant Shilte-controlled systems.

b. How to Request Data Deletion:

To submit a data deletion request, please follow these steps:

1. Send an Email: Compose an email clearly stating your request for data deletion.
2. Include Essential Information: In your email, please provide the following details to help us identify your account and the data you wish to delete:
   • Your Business Name registered with Shilte.
   • The WhatsApp Number(s) associated with your Shilte account.
   • A brief description of the data you would like to have deleted.
3. Send to Support: Send your data deletion request to our dedicated support email address:

   info@shilte.com

c. Deletion Timeframe and Process:

Upon receiving your valid data deletion request, Shilte will:

• Acknowledge Receipt: We will send you a confirmation email within a reasonable timeframe (typically 1-2 business days) to acknowledge receipt of your request.
• Verify Identity: We may take steps to verify your identity to ensure the security of your data and prevent unauthorized deletion.
• Process Deletion: We will initiate the deletion of your personal data from our active systems, including data stored in Firebase/Firestore and Twilio, and revoke integration tokens within **7–14 business days**. Please note that while we aim for prompt deletion, some data may take a short period to be completely removed from all backups and ancillary systems, consistent with our data retention policies and Meta's requirements.
• Confirmation: Once your data has been deleted, we will send you a final confirmation email.

This process is designed to comply with Meta's developer guidelines for data deletion, ensuring that user data is promptly removed upon request.

7. Data Retention and Protection Measures

We retain your personal data for as long as necessary to provide our services, comply with our legal obligations, resolve disputes, and enforce our agreements. Once your account is terminated or data deletion is requested (as per Section 6), we will delete or anonymize your data in accordance with our data retention policies and legal requirements.

We store your data on secure servers, primarily utilizing Firebase/Firestore. We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest.
• Access controls and authentication mechanisms to limit access to personal data.
• Regular security audits and vulnerability assessments.
• Staff training on data protection and privacy best practices.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

8. Age Restriction

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal data, please contact us, and we will take steps to delete such information from our records.

9. GDPR and CCPA Compliance

Shilte is committed to complying with global data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

• GDPR (for EU residents): If you are located in the European Economic Area (EEA) or the UK, you have certain rights under the GDPR regarding your personal data, as outlined in Section 5 "Your User Rights."
• CCPA (for California residents): If you are a California resident, you have specific rights under the CCPA, including the right to know what personal information is collected, the right to request deletion, and the right to opt-out of the sale of personal information (which Shilte does not engage in).