Privacy Policy
Updated Date: Nov 16, 2024
Introduction
NEOAMYRA AI SOLUTIONS PRIVATE LIMITED ("weya.ai," "we," "us," "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered customer experience platform and services.
Who This Applies To:
Business customers who subscribe to our Services
End users who interact with AI agents powered by weya.ai
Website visitors and prospective customers
Partners and service providers
Your Rights: You have rights regarding your personal data including access, correction, deletion, and objection to processing. See Section 8 for details.
Contact Us: privacy@weya.ai
1. Information We Collect
1.1 Information You Provide Directly
Business Customer Information:
Company name, business address, tax identification
Contact details: names, email addresses, phone numbers
Billing information: payment details, invoicing address
Account credentials: username, password, security questions
Business requirements and preferences
End User Interaction Data (when you contact our clients):
Name, phone number, email address
Voice recordings of calls with AI agents
WhatsApp, SMS, and email message content
Customer service queries and feedback
Transaction or order information shared during conversations
1.2 Information Collected Automatically
Usage and Technical Data:
IP address, device identifiers, browser type and version
Operating system, device model, mobile network information
Session IDs, cookies, and similar tracking technologies
Log files: access times, pages viewed, clicks, navigation paths
Platform usage patterns and feature engagement
Performance data and error reports
Communication Metadata:
Call duration, timestamp, call disposition
Message delivery status and timestamps
Conversation flow and interaction patterns
Session duration and channel used
1.3 Information from Third Parties
Integration data from CRM systems (if authorized by our customers)
Telephony provider metadata (call routing, quality metrics)
Payment processing information from payment gateways
Authentication data from single sign-on providers
Public business information from directories and databases
2. How We Use Your Information
2.1 To Provide and Improve Services
Operate AI-powered voice, WhatsApp, email, and SMS automation
Process customer interactions and generate conversation transcripts
Provide analytics, insights, and performance reporting
Integrate with customer's CRM and business systems
Deliver technical support and troubleshooting
Send service notifications, updates, and alerts
2.2 Service Improvement and AI Training
Analyze usage patterns to optimize platform performance
Train and improve AI models using anonymized, aggregated data
Develop new features and capabilities
Conduct research and testing
Generate industry benchmarks (anonymized data only)
Note: Customers may opt out of AI training in their Service Agreement (Annexure C). Individual identifiers are removed before data is used for training.
2.3 Business Operations
Process billing, payments, and invoicing
Prevent fraud, security threats, and abuse
Enforce Terms of Service and legal agreements
Comply with legal obligations and respond to lawful requests
Conduct audits and business analysis
2.4 Marketing and Communication (Business Customers Only)
Send product updates, newsletters, and promotional content
Provide information about new features and services
Conduct customer surveys and collect feedback
Host webinars, events, and training sessions
You can opt out of marketing communications at any time using unsubscribe links or by contacting support@weya.ai.We do NOT use end-user data (your customers' data) for our own marketing purposes.
3. Data Retention and Deletion
3.1 Customer Interaction Data (End Users)
Automatic Deletion: Personal data from customer interactions (call recordings, transcripts, messages, contact information) is automatically and permanently deleted 90 calendar days after collection.
What Gets Deleted:
All voice call recordings and audio files
Conversation transcripts
WhatsApp, SMS, email message content
Contact information (phone numbers, emails, names)
Session logs and metadata
Deletion Method: Secure, irreversible deletion from all systems including databases, backups, and logs using industry-standard techniques.
3.2 Business Customer Account Data
Active customer account data retained for duration of Service Agreement
Billing records retained for 7 years for tax and accounting compliance
Contract documents retained as legally required
Upon account termination, data deleted within 30 days except where legal retention required
3.3 Anonymized Data
Aggregated, non-identifiable data may be retained indefinitely for:
Service improvement and optimization
AI model training and development
Industry research and benchmarking
This data cannot be traced back to individuals and does not constitute personal data.
3.4 Your Backup Responsibility
Important for Business Customers: If you need conversation data beyond 90 days for your own compliance or business needs, you must export and backup data before automatic deletion. Export tools available in your dashboard.
4. How We Share Your Information
4.1 We Do NOT Sell Personal Data
weya.ai does not sell, rent, or trade personal information to third parties for their marketing purposes.
4.2 Service Providers and Sub-processors
We share data with trusted third-party service providers who help us deliver Services:
Infrastructure and Hosting:
Amazon Web Services (AWS)
Microsoft Azure
Google Cloud Platform
Communication Services:
Twilio, Exotel, Kaleyra (telephony)
WhatsApp Business API providers
SMS gateway providers
Business Operations:
Payment processors (Stripe, Razorpay)
Email services (SendGrid, Amazon SES)
Analytics and monitoring tools (Datadog, LogRocket)
CRM and support tools (HubSpot)
All service providers are contractually bound to protect your data and use it only for authorized purposes. See full list at weya.ai/dpa Section 5.
4.3 Business Customers' Access to Their Data
Our business customers (your service provider) have access to their end-user interaction data. They are the data controllers responsible for how they use this data.
4.4 Legal Requirements and Protection
We may disclose information when required by law or to:
Comply with legal obligations, court orders, or regulatory requests
Enforce our Terms of Service and agreements
Protect our rights, property, and safety or that of others
Prevent fraud, security threats, or illegal activities
Respond to emergency situations involving safety
4.5 Business Transfers
In the event of merger, acquisition, reorganization, or sale of assets, personal information may be transferred to the successor entity. We will notify you before your data is transferred and becomes subject to a different privacy policy.
5. Data Security
5.1 Security Measures
We implement industry-standard security practices:
Technical Safeguards:
AES-256 encryption for data at rest
TLS 1.2+ encryption for data in transit
Multi-factor authentication for administrative access
Role-based access controls and privilege management
Firewalls, intrusion detection/prevention systems
24/7 security monitoring and threat detection
Regular vulnerability scanning and penetration testing
Comprehensive audit logging
Organizational Safeguards:
Security policies and procedures
Personnel confidentiality agreements
Background checks for staff with data access
Regular security awareness training
Incident response and disaster recovery plans
Annual third-party security audits
5.2 Your Responsibility
For Business Customers:
Use strong passwords and enable multi-factor authentication
Protect API keys and authentication credentials
Restrict access to authorized personnel only
Report security concerns immediately to support@weya.ai
For End Users:
Protect your contact information and conversation history
Be cautious about sharing sensitive information in conversations
Report suspicious activity to the business you're interacting with
5.3 No Guarantee
While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security against all threats. You acknowledge the inherent risks of internet and electronic transmission.
6. International Data Transfers
6.1 Cross-Border Processing
Your data may be transferred to, stored in, and processed in countries where we or our service providers operate, including India, United States, European Union, and other regions.
These countries may have different data protection laws than your jurisdiction.
6.2 Safeguards for International Transfers
For EU Data:
EU Standard Contractual Clauses for transfers outside EEA
Adequacy decisions where available
Appropriate safeguards as required by GDPR
For All Transfers:
Contractual protections with service providers
Encryption and access controls
Compliance with applicable data transfer regulations
6.3 India Operations
weya.ai is headquartered in India and operates under Indian law including the Digital Personal Data Protection Act (DPDPA) 2023. We provide equivalent or superior protections for data subject to GDPR, CCPA, and other international regulations.
7. Cookies and Tracking Technologies
7.1 What We Use
Essential Cookies:
Session management and authentication
Platform functionality and performance
Security and fraud prevention
Analytics Cookies:
Usage statistics and platform analytics
Error tracking and performance monitoring
Feature engagement and user behavior
Marketing Cookies (Website Only):
Website visitor tracking
Campaign effectiveness measurement
Remarketing and advertising (if applicable)
7.2 Your Choices
Browser Settings: Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling cookies may limit platform functionality.
Opt-Out Tools: You can opt out of third-party analytics cookies through:
Google Analytics Opt-out: tools.google.com/dlpage/gaoptout
Browser privacy settings and extensions
Platform privacy settings
7.3 Do Not Track
Some browsers support "Do Not Track" signals. Our website may not respond to Do Not Track signals, but you can control tracking through cookie settings.
8. Your Privacy Rights
8.1 Rights Under Applicable Laws
Depending on your jurisdiction, you may have the following rights:
Access: Request confirmation of what personal data we process and obtain a copy
Rectification: Request correction of inaccurate or incomplete data
Erasure: Request deletion of your personal data ("right to be forgotten")
Restriction: Request limitation of how we process your data
Portability: Receive your data in structured, machine-readable format
Objection: Object to processing based on legitimate interests or for direct marketing
Withdraw Consent: Withdraw previously given consent for processing
Opt-Out of Sale/Sharing: (CCPA) Opt out of sale or sharing for cross-context advertising
Non-Discrimination: (CCPA) Not be discriminated against for exercising privacy rights
8.2 How to Exercise Rights
For Business Customers:
Email support@weya.ai with your request
Log into your account dashboard to manage preferences
Contact your account manager
For End Users (Customers of Our Clients):
Contact the business you interacted with (they are the data controller)
If unable to reach them, email support@weya.ai and we will assist
Response Time: We respond to verified requests within:
30 days (GDPR)
45 days (CCPA, extendable to 90 days)
As required by applicable law
Verification: We may request information to verify your identity before fulfilling requests.
8.3 Data Deletion Limitations
We cannot recover data that has already been deleted per our 90-day retention policy. We will confirm deletion date if applicable.
9. Children's Privacy
weya.ai Services are intended for businesses and adults. We do not knowingly collect personal information from children under 18 (or under 13 in certain jurisdictions).
If you believe we have inadvertently collected information from a child, contact us immediately at support@weya.ai and we will delete such information promptly.
10. Third-Party Links and Services
Our platform may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to those external sites. We are not responsible for privacy practices of third parties. Review their privacy policies before providing information.
Integrated Services:
CRM systems (HubSpot, Salesforce, etc.)
Communication platforms
Business applications
When you authorize integrations, those providers' privacy policies also apply to data they receive.
11. Changes to This Privacy Policy
11.1 Updates
We may update this Privacy Policy to reflect:
Changes in our services or business practices
Legal or regulatory requirements
Improvements in privacy protection
Notification:
"Last Updated" date at top of this policy
Email notification for material changes (business customers)
Notice posted on website and in platform
Acceptance: Continued use of Services after changes constitutes acceptance of updated policy. If you disagree with changes, discontinue use and contact us to close your account.
11.2 Version History
Previous versions of this Privacy Policy are available upon request at support@weya.ai.
12. Jurisdiction-Specific Information
12.1 India (DPDPA 2023)
weya.ai complies with India's Digital Personal Data Protection Act 2023. Indian residents have rights to access, correction, erasure, and grievance redressal.
Grievance Officer:
Email: support@weya.ai
Address: D-241, Sector 110, Noida - 201301, Uttar Pradesh, India
12.2 European Union (GDPR)
For EU residents, weya.ai acts as a data processor for our business customers. Your business service provider is typically the data controller.
Legal Basis for Processing:
Contract performance
Legitimate interests (service improvement, security)
Legal obligations
Consent (where obtained)
EU Representative: [If applicable, add EU representative details]
Supervisory Authority: You have the right to lodge a complaint with your local Data Protection Authority.
12.3 California (CCPA/CPRA)
California Residents' Rights:
Know what personal information is collected
Know whether personal information is sold or shared
Access personal information
Delete personal information
Opt-out of sale/sharing
Correct inaccurate information
Limit use of sensitive personal information
We Do Not Sell Personal Information: weya.ai does not sell personal information as defined by CCPA.
Authorized Agent: You may designate an authorized agent to submit requests on your behalf. We require written authorization.
13. Contact Information
General Privacy Inquiries: privacy@weya.ai
Security Concerns: security@weya.ai
Data Subject Requests: Submit requests to privacy@weya.ai
Mailing Address:
NEOAMYRA AI SOLUTIONS PRIVATE LIMITED
D-241, Sector 110
Noida - 201301
Uttar Pradesh, India
Phone:+91 88025 39664
Response Time: We respond to inquiries within 5 business days.
14. Effective Date and Acceptance
This Privacy Policy is effective as of May 16, 2025.
By using weya.ai Services, visiting our website, or providing personal information to us, you acknowledge that you have read, understood, and agree to this Privacy Policy.
If you do not agree, please discontinue use of our Services immediately.
