🔥Founding 10 launch · $249/moView

Effective date: 19 May 2026

Privacy Policy

Affnaai is committed to protecting the privacy of clients and their customers. This policy explains what data we collect, how we use it, and your rights.

1. Who We Are

Affnaai operates the AI receptionist platform at affnaai.com (the "Service"). We act as a data processor on behalf of our clients (businesses using our Service) and as a data controller for data we collect directly from website visitors and clients.

2. Data We Collect

From clients (businesses using Affnaai):

  • Contact information: name, email address, phone number, business name, and website.
  • Payment information: processed entirely by third-party payment processors. Affnaai does not store payment card details.
  • Business configuration data: FAQs, services offered, pricing, scheduling rules, tone guidelines, and other information used to train your AI receptionist.
  • Account usage data: login activity, feature usage, and support communications.

From end users (your customers interacting with the AI):

  • Conversation transcripts: messages exchanged with the AI receptionist across all configured channels.
  • Contact details voluntarily provided: name, phone number, email address, business website, appointment details, and other information shared during conversations.
  • Channel metadata: timestamps, message delivery status, and channel source (web chat, messaging platform, etc.).

Automatically collected:

  • Website usage data: pages visited, time on site, browser type, device type, and IP address.
  • Cookies and tracking: described in Section 9.

3. How We Use Data

We use collected data to:

  • Provide, operate, and maintain the Service.
  • Configure and train your specific AI receptionist.
  • Route conversations and deliver automated responses.
  • Process payments and manage billing.
  • Send service communications: onboarding, updates, and support.
  • Monitor and improve Service performance and reliability.
  • Detect fraud, abuse, and security incidents.
  • Comply with legal obligations.

We do not sell your data or your customers' data to any third party. We do not use conversation data to train AI models that are shared across multiple clients. Your business data and your customers' conversations remain specific to your account.

4. Data Sharing with Third Parties

We share data only as necessary to deliver the Service. Categories of third parties with whom data may be shared include:

  • AI language model providers: Conversation content is processed by AI providers to generate responses. These providers may include any current or future AI technology providers. We do not disclose your data to these providers for purposes other than generating AI responses.
  • Cloud hosting and infrastructure providers: Data is stored and processed on cloud infrastructure. These providers are contractually obligated to maintain appropriate security.
  • Calendar and scheduling platforms: Appointment data is shared with scheduling services to create and manage calendar events.
  • Telecommunications and messaging providers: Message content is passed through messaging infrastructure providers to deliver communications across channels including SMS and messaging apps.
  • Payment processors: Payment information is handled directly by payment processors. Affnaai does not receive or store full card details.
  • Analytics providers: Anonymised or aggregated website usage data may be shared with analytics tools.

All third-party providers are selected for their commitment to data security and are required to use data only for the purposes for which it was shared. We are not responsible for the independent data practices of third parties.

5. Client Responsibility for End-User Data

When Affnaai processes data on behalf of our clients (e.g. conversation data from your customers), the client acts as the data controller and Affnaai acts as the data processor. Clients are responsible for:

  • Ensuring they have a valid legal basis for collecting and processing their customers' data.
  • Obtaining all required consents for automated messaging before deploying the Service.
  • Responding to their customers' data rights requests.
  • Complying with applicable data protection laws in their jurisdiction.

6. Data Retention

  • Conversation transcripts: Retained for 90 days from the date of each conversation, then automatically deleted.
  • Account and configuration data: Retained for the duration of your subscription plus 30 days after cancellation.
  • Booking and appointment data: Subject to the retention policies of the scheduling platforms used.
  • Payment records: Retained as required by applicable financial and tax regulations.
  • On request: We will delete your data within 30 days of a verified deletion request, except where retention is required by law.

7. Security

We implement industry-standard security measures including encryption of data in transit (TLS/HTTPS) and at rest. Access to customer data is restricted to personnel who need it to deliver the Service.

No data transmission or storage system is guaranteed to be 100% secure. In the event of a data breach that affects your data, we will notify affected parties as required by applicable law and as promptly as reasonably practicable.

Affnaai is not liable for data breaches, unauthorized access, or data loss caused by third-party infrastructure providers, your own security practices, or circumstances beyond our reasonable control.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (subject to legal retention requirements).
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Restriction: Request restriction of processing in certain circumstances.

To exercise any right, contact us using the details in Section 12. We will respond within 30 days. We may need to verify your identity before processing requests.

9. Cookies

Our website uses strictly necessary cookies to operate. We do not use advertising or tracking cookies.

Third-party services embedded in our platform — such as scheduling widgets — may set their own cookies governed by their respective privacy policies. You can control cookie settings through your browser, though disabling certain cookies may affect Service functionality.

10. International Data Transfers

Data may be transferred to and processed in countries other than your country of residence, including countries that may not provide the same level of data protection as your jurisdiction. Where required, we take appropriate safeguards for such transfers, including contractual protections with third-party providers.

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with data transfer restrictions, by using the Service you consent to your data being transferred internationally as described in this policy.

11. Children's Privacy

The Service is intended for businesses and adults. We do not knowingly collect personal data from individuals under the age of 16. If we become aware that we have collected data from a minor, we will delete it promptly.

12. Contact and Data Requests

For privacy-related questions, data requests, or to exercise your rights:

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our website at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.