Botify Privacy Policy

Last Updated: September 4, 2025

1. Introduction

Welcome to Botify ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI chatbot platform and related services, including our Instagram Business integration.

2. Information We Collect

2.1 Personal Information

• Account Information: Name, email address, password (encrypted)
• Profile Data: Creator name, business information, subscription details
• Contact Information: Support communications and account notifications

2.2 Instagram Data (When You Connect Your Account)

• Profile Information: Instagram username, account type (Business/Creator), profile details
• Message Data: Direct messages received and sent through your connected bots
• Usage Analytics: Message counts, response times, engagement metrics
• Account Status: Connection status and authorization permissions

2.3 Platform Usage Data

• Bot Configuration: Chatbot settings, personality descriptions, automation rules
• Usage Metrics: Message volumes, feature usage, performance analytics
• Technical Data: IP addresses, browser type, device information, log files

3. How We Use Your Information

3.1 Core Service Provision

• Create and manage AI chatbots for your social media accounts
• Facilitate automated responses to Instagram direct messages
• Provide analytics and insights about bot performance
• Process payments and manage subscriptions

3.2 Instagram Integration Specific Uses

• Message Automation: Respond to Instagram DMs on your behalf using AI
• Analytics: Generate reports on message engagement and revenue
• Account Management: Maintain connection status and refresh access tokens
• Compliance: Ensure messaging complies with Instagram's 24-hour rule and policies

4. Information Sharing and Disclosure

4.1 We DO NOT Sell Your Data

We never sell, rent, or trade your personal information or Instagram data to third parties.

4.2 Limited Sharing for Service Operation

• AI Service Providers: Message content sent to AI services (OpenAI, Anthropic, Google) for response generation
• Instagram/Meta: API calls necessary for bot functionality and compliance
• Payment Processors: Subscription and payment information for billing
• Cloud Infrastructure: Data stored on secure cloud services for platform operation

5. Instagram Data Protection

5.1 Access Tokens

• Instagram access tokens are encrypted at rest
• Tokens are automatically refreshed before expiration
• Token access is restricted to authorized platform operations only

5.2 Message Data

• Instagram messages are processed for bot responses only
• Messages are not used for marketing or advertising purposes
• Historical messages are retained for analytics and service improvement
• Message data can be deleted upon user request

6. Data Security

• Encryption: All sensitive data encrypted in transit and at rest
• Access Controls: Role-based access with multi-factor authentication
• Regular Security Audits: Ongoing security assessments and improvements
• Compliance: GDPR, CCPA, and industry security standards

7. Your Data Rights

7.1 Access and Control

• Access: Request copies of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and associated data
• Portability: Export your data in machine-readable format

7.2 Instagram Connection Control

• Disconnect: Remove Instagram account connection at any time
• Permission Management: Control what data we can access
• Data Deletion: Delete Instagram-related data from our systems

8. Data Retention

• Account Data: Retained while account is active, deleted upon account termination
• Instagram Messages: Retained for 2 years for analytics, or until deletion requested
• Usage Analytics: Aggregated, anonymized data retained for service improvement
• Legal Compliance: Some data may be retained longer to meet legal obligations

9. Cookies and Tracking

• Essential Cookies: Required for platform functionality and security
• Analytics Cookies: Track usage patterns to improve service (opt-in)
• No Third-Party Tracking: No advertising or behavioral tracking cookies

10. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard Contractual Clauses for EU users
• Adequacy decisions where applicable
• Security measures for data protection

11. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware of such data collection, we will delete the information immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Sending email notifications for material changes
• In-app notifications when you next log in

13. Contact Information

14. Instagram-Specific Data Handling

14.1 Connection Process

When you connect your Instagram Business account to Botify:

• You authorize us to access your Instagram profile and messaging data
• We store encrypted access tokens to maintain the connection
• We access only the data necessary for bot functionality

14.2 Message Processing

• Automated Responses: Messages are processed by AI to generate appropriate responses
• No Human Review: Messages are handled automatically unless you request human intervention
• Data Minimization: We process only data necessary for response generation

14.3 Compliance with Meta Policies

• All Instagram data handling complies with Meta's Platform Terms
• Message automation respects Instagram's 24-hour messaging window
• User consent is obtained before connecting accounts
• Data is used only for authorized business purposes

This privacy policy was last updated on September 4, 2025.
For the most current version, visit: https://env-webhook-sync.preview.emergentagent.com/privacy-policy.html