Privacy Policy

Last updated: 2025-12-19

1. Introduction

This Privacy Policy describes how Asistian ("we," "us," or "our") collects, uses, and protects your information when you interact with our services. Our CRM platform integrates with multiple communication channels including Facebook Messenger, Instagram Direct Messages, WhatsApp Business, and other messaging platforms to help businesses manage customer relationships.

By using our services or interacting with businesses that use our platform, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

• Name and contact information (email, phone number)

• Messages and communications sent through various messaging platforms

• Business information and preferences

• Appointment and booking details

• Any other information you choose to provide

2.2 Information from Meta Platforms (Facebook, Instagram, WhatsApp)

When you communicate with businesses using our platform through Meta's services, we may collect:

• Facebook Messenger: Facebook user ID, profile name, profile picture, message content, timestamps, and delivery/read receipts

• Instagram Direct: Instagram user ID, username, profile picture, message content, media attachments, and message timestamps

• WhatsApp Business: Phone number, WhatsApp ID, profile name, message content, media attachments, delivery status, and read receipts

2.3 Automatically Collected Information

• IP address and device information

• Browser type and version

• Usage patterns and analytics

• Technical logs and error reports

• Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for the following purposes:

• Providing and improving our CRM services

• Processing and responding to your messages and inquiries

• Managing customer relationships and lead generation

• Sending automated responses and notifications on behalf of businesses

• Scheduling and managing appointments and bookings

• Providing AI-powered assistance for customer inquiries

• Analyzing usage patterns to improve our services

• Complying with legal obligations

• Preventing fraud and ensuring security

4. Meta Platforms Integration

Our platform integrates with Meta's family of services to enable businesses to communicate with their customers. This section describes how we handle data from each Meta platform.

4.1 Facebook Messenger

When you interact with a business through Facebook Messenger:

• We receive and store your messages and basic profile information

• We may use AI-powered responses to provide immediate assistance

• Your conversations are stored securely in our CRM system

• Message content may be analyzed to improve service quality

• Your data is processed in accordance with Meta's Platform Terms

4.2 Instagram Direct Messages

When you message a business through Instagram:

• We receive your Instagram username, profile picture, and message content

• Media files (images, videos) you send are stored securely

• Your conversation history is maintained for customer service purposes

• We comply with Instagram's API Terms of Use and Platform Policy

4.3 WhatsApp Business

When you communicate with a business through WhatsApp:

• We receive your phone number, profile name, and message content

• Message templates may be used for business-initiated communications

• Media files and documents you share are stored securely

• Delivery and read receipts are tracked for reliability

• We comply with WhatsApp Business Policy and Meta's Platform Terms

4.4 Meta Platform Data Use Commitment

We are committed to using data obtained from Meta platforms responsibly:

• We only access data necessary to provide our CRM services

• We do not sell data obtained from Meta platforms to third parties

• We do not use Meta platform data for advertising purposes unrelated to our services

• We comply with Meta's Data Use Restrictions and Platform Terms

• We promptly delete data when requested by users or when no longer needed

5. AI and Automated Processing

Our platform uses artificial intelligence to enhance customer service:

• Automated Responses: AI assistants may respond to your messages to provide immediate assistance

• Sentiment Analysis: Message content may be analyzed to understand customer sentiment

• Conversation Summarization: AI may summarize conversations for business users

• Booking Assistance: AI can help schedule appointments based on availability

You can request to speak with a human representative at any time during an automated conversation.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following circumstances:

• With the Business: Your communications are shared with the business you are contacting through our platform

• Service Providers: We use trusted third-party services (cloud hosting, AI providers) under strict confidentiality agreements

• Legal Requirements: When required by law, court order, or government request

• Safety: To protect the rights, property, or safety of our users or the public

• Business Transfer: In connection with a merger, acquisition, or sale of assets

6.1 Third-Party Services We Use

• Meta Platforms: Facebook Messenger, Instagram, WhatsApp Business API

• OpenAI: AI-powered conversation assistance

• Google: Calendar integration, email services

• Amazon Web Services: Cloud storage and hosting

• Twilio: SMS and messaging services

7. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256)

• Regular security assessments and penetration testing

• Role-based access controls limiting data access to authorized personnel

• Secure cloud infrastructure with industry-standard certifications

• Regular security training for our team

• Incident response procedures for potential data breaches

8. Data Retention

We retain your information for as long as necessary to:

• Provide our services to the businesses you interact with

• Comply with legal obligations and regulatory requirements

• Resolve disputes and enforce our agreements

• Maintain business records as required by law

Retention Periods:

• Message Content: Retained for the duration of the business relationship, unless deletion is requested

• Account Data: Retained until account deletion or as required by law

• Analytics Data: Aggregated and anonymized data may be retained indefinitely

9. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data we hold

• Correction: Request correction of inaccurate information

• Deletion: Request deletion of your personal information

• Portability: Request your data in a machine-readable format

• Objection: Object to certain types of data processing

• Restriction: Request limitation of data processing

• Withdraw Consent: Withdraw consent at any time where processing is based on consent

9.1 How to Exercise Your Rights

To exercise any of these rights, please contact us at no-reply@asistian.com. We will respond to your request within 30 days.

9.2 Data Deletion for Meta Platform Users

If you have interacted with a business through Facebook Messenger, Instagram, or WhatsApp, you can request deletion of your data by:

• Contacting the business directly to request data deletion

• Contacting us at the email address above

• Using your platform settings (Facebook, Instagram, WhatsApp) to manage data sharing

10. Cookies and Tracking

We use cookies and similar technologies for the following purposes:

• Essential Cookies: Required for platform functionality and security

• Analytics Cookies: Help us understand how users interact with our platform

• Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect platform functionality.

11. Third-Party Services

Our services integrate with the following third-party platforms. Each has their own privacy policies:

• Meta (Facebook, Instagram, WhatsApp) Privacy Policy

• Google Privacy Policy

• OpenAI Privacy Policy

• Amazon Web Services Privacy Policy

• Twilio Privacy Policy

12. Children's Privacy

Our services are not intended for children under 13 years of age (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

13. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses approved by the European Commission

• Data processing agreements with our service providers

• Encryption and security measures for data in transit

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may provide additional notice such as email notification.

15. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:

Company: Asistian

Email: no-reply@asistian.com

16. Compliance

This Privacy Policy is designed to comply with applicable data protection laws and platform requirements, including:

• General Data Protection Regulation (GDPR) - European Union

• California Consumer Privacy Act (CCPA) - California, USA

• Lei Geral de Proteção de Dados (LGPD) - Brazil

• Meta Platform Terms and Developer Policies

• WhatsApp Business Policy

17. Meta Platform Specific Disclosures

In accordance with Meta's Platform Terms, we disclose the following:

17.1 Data We Access

• User messages sent to businesses through Facebook Messenger

• User messages sent to businesses through Instagram Direct

• User messages sent to businesses through WhatsApp Business

• Basic profile information (name, profile picture) as provided by Meta

• Page and account information for connected businesses

17.2 How We Use Meta Platform Data

• To enable businesses to receive and respond to customer messages

• To provide AI-assisted responses on behalf of businesses

• To track conversation history for customer service purposes

• To send approved template messages via WhatsApp Business API

17.3 Data Deletion

Users can request deletion of their data by contacting us. We provide a data deletion callback for Meta platforms and will process deletion requests within 30 days. To verify the status of a deletion request, users may contact us with their confirmation code.