Privacy Policy

AIRVIS ("AIRVIS", "we", "our", "us") provides an AI-powered sales agent that helps small businesses sell their products on WhatsApp, Instagram, and Telegram. This Privacy Policy explains what information we collect, why we collect it, and how we handle it.

This service is operated from Accra, Ghana. By using AIRVIS you agree to the practices described here.

1. Who this policy applies to

Two groups of people interact with AIRVIS:

• Merchants — business owners who sign up at airvis.io to use AIRVIS as their sales agent.
• Buyers — customers who message a merchant's WhatsApp, Instagram, or Telegram account that AIRVIS manages on the merchant's behalf.

2. Information we collect

Merchant accounts

• Name, email, phone number, and password (hashed) at signup.
• Business profile: business name, industry, location, return policy, payment instructions, operating hours.
• Product catalog: product names, descriptions, images, prices, stock levels.
• Messaging credentials supplied via OAuth — WhatsApp Business phone IDs and access tokens, Instagram Business user IDs and access tokens, Telegram bot tokens. We never see merchant passwords for these third-party services.
• Subscription tier, billing history (mobile-money references), and usage counts.

Buyer conversations

• The contents of messages exchanged between buyers and the merchant's connected channels (WhatsApp, Instagram, Telegram), so the AI can respond and the merchant can review.
• Buyer identifiers as provided by the platform (phone number for WhatsApp, IG-scoped user ID for Instagram, Telegram chat ID and username).
• Order details negotiated through the agent: items, quantities, agreed price, delivery location.

Technical data

• IP addresses, device information, and timestamps for security and abuse prevention.
• Diagnostic logs (limited message metadata, error traces) to keep the service running.

3. How we use information

• To run the AI agent: incoming buyer messages are sent to Anthropic (Claude) so the agent can craft a contextually appropriate reply on the merchant's behalf.
• To deliver replies: outgoing replies are sent to Meta (WhatsApp Cloud API and Instagram Graph API) and Telegram Bot API to reach the buyer.
• To show analytics: aggregated metrics (revenue, conversion rate, channel performance) on the merchant dashboard.
• To process billing: verify mobile-money payments and apply usage caps.
• To improve the product: anonymized, aggregated usage data informs product decisions. We do not train Claude on merchant or buyer data.

4. Third parties we share data with

We use the following service providers strictly to deliver AIRVIS. Each is bound by their own privacy terms:

• Anthropic — provides the AI model (Claude) that generates agent responses. Conversation text is sent to Anthropic's API for inference. Anthropic Privacy
• Meta Platforms — WhatsApp Business and Instagram Graph APIs are used to send and receive messages on the merchant's connected accounts. Meta Privacy
• Telegram — Bot API is used for the merchant's Telegram channel. Telegram Privacy
• Railway — hosting and managed PostgreSQL database. Railway Privacy
• Cloudflare — DNS, CDN, and DDoS protection for airvis.io. Cloudflare Privacy

We do not sell merchant or buyer data. We do not share data with advertisers.

5. Data retention

• Conversations: kept for as long as the merchant's account is active. Merchants can delete individual conversations from the dashboard at any time.
• Account data: kept until the merchant deletes their account. After deletion, data is purged within 30 days from primary databases and within 90 days from backups.
• Diagnostic logs: retained for up to 30 days for debugging and abuse investigation, then deleted.
• Billing records: retained for up to 7 years to comply with Ghanaian tax and accounting requirements.

6. Security

We use HTTPS for all traffic, hash passwords with bcrypt, store access tokens encrypted at rest, and apply least-privilege access controls. No system is perfectly secure, but we treat your data as we'd treat our own.

7. Your rights

Merchants can at any time:

• Access and edit their account information from the dashboard.
• Disconnect any channel (WhatsApp, Instagram, Telegram) from the Settings → Channels page, which immediately revokes our use of those tokens.
• Export their conversation history by emailing hello@airvis.io.
• Delete their account by emailing hello@airvis.io with the subject line "Delete my account".

Buyers who interact with a merchant's AIRVIS-managed account can request deletion of their conversation history by emailing privacy@airvis.io with the merchant's name and the buyer's identifying phone number or username.

8. Children's privacy

AIRVIS is not intended for use by children under 18. We do not knowingly collect data from anyone under 18. If you believe a child has provided us data, contact us and we will delete it.

9. International data transfers

AIRVIS is operated from Ghana but data may be processed by service providers (Anthropic, Meta, Cloudflare, Railway) located in the United States and Europe. By using AIRVIS you consent to these transfers.

10. Changes to this policy

We may update this policy as the product evolves. Material changes will be announced on the dashboard and via email. Continued use of AIRVIS after changes take effect constitutes acceptance.

11. Contact

For privacy questions, data requests, or anything else:

• Email: hello@airvis.io
• Privacy-specific: privacy@airvis.io
• Operated from Accra, Ghana