Privacy Policy

1. Who We Are

esek.io ("we", "our", "us") operates a business messaging platform that connects service providers with their customers via WhatsApp. This policy explains how we collect, use, and protect personal data.

2. Data We Collect

• Account data: name, email address, and password hash of registered agents.
• Customer conversation data: WhatsApp phone number, display name, and messages exchanged through the platform.
• Media files: images, videos, documents, and audio messages sent or received via WhatsApp.
• Usage data: log entries and error traces generated during normal operation.

3. How We Use Data

• To provide the messaging and booking service to connected businesses.
• To enable AI-assisted replies and booking confirmations.
• To send transactional email notifications (e.g. new conversation alerts).
• To improve platform reliability and diagnose technical issues.

4. Data Sharing

We do not sell personal data. Data may be shared with:

• Meta (WhatsApp): messages are transmitted via the WhatsApp Business API.
• OpenAI: conversation context is sent to OpenAI's API solely for generating automated replies.
• Infrastructure providers: Google Cloud Platform hosts our servers and databases.

5. Data Retention

Conversation messages are retained for as long as the associated business account is active. Upon account deletion all associated data is permanently removed within 30 days.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. See our Data Deletion page for the deletion request process.

7. Cookies

The web application uses only essential session cookies for authentication. No tracking or advertising cookies are used.

8. Security

All data is transmitted over TLS. Passwords are hashed with bcrypt. Database access is restricted to authenticated services inside our private network.

9. Contact

Questions about this policy? Contact us at privacy@esek.io.