Back to Home

Privacy Policy

1. Introduction

Welcome to Dovera.ai ("we," "us," or "our"). We are committed to protecting the privacy of our clients and their end-users. This Privacy Policy explains how we collect, use, share, and protect information in relation to our website, dovera.ai, and the AI agent services we provide through our platform (the "Platform").

This policy covers two types of personal data:

  • Data we collect from our business clients who register for and use our Platform.
  • Data we process on behalf of our clients through the AI agents, which originates from Meta platforms (WhatsApp and Facebook Messenger).

2. Key Definitions

  • Client: A business or entity that registers for an account on the Dovera.ai Platform. The Client is the Data Controller for the information processed by their AI agent.
  • End-User: An individual who communicates with a Client's AI agent via WhatsApp or Facebook Messenger.
  • Platform Data: Any data or information we receive from Meta, including but not limited to End-User names, phone numbers, message content, and metadata.

3. Information We Collect

A. Information We Collect from Our Clients:

  • Directly Provided Information: When you register as a Client, we collect your name, business name, email address, phone number, and payment information.
  • Automatically Collected Information: When you visit our website, we may collect your IP address, browser type, and usage data to improve our services.

B. Platform Data We Process on Behalf of Our Clients:

As a Data Processor for our Clients, our AI agents receive and process the following Platform Data from End-Users who interact with our Client's WhatsApp or Facebook Messenger channels:

  • User Identifiers: WhatsApp phone number or Facebook Page-Scoped ID (PSID).
  • Profile Information: The End-User's name as it appears on their Meta profile.
  • Message Content: The full content of messages sent by the End-User, which may include text, images, or voice notes.
  • Metadata: Timestamps of messages and other technical data provided by the Meta API.

4. How We Use Information

A. Use of Client Information:

We use the information collected from our Clients to:

  • Create and manage their Dovera.ai account.
  • Process subscription payments.
  • Provide customer support and communicate with them about our services.
  • Improve our website and Platform.

B. Use of Platform Data (End-User Data):

We use Platform Data strictly on behalf of our Clients to provide the services they have subscribed to. This includes:

  • Receiving messages from End-Users via the Meta API.
  • Processing the content of these messages through our AI models to generate a relevant response.
  • Sending the AI-generated response back to the End-User via the Meta API.
  • Storing conversation history in our database for the sole purpose of providing our Clients with access to their conversation logs and for service improvement.

We do not use Platform Data for our own purposes, nor do we sell or rent it to any third parties.

5. Third-Party Data Processors

To provide our service, we rely on a few trusted third-party service providers who act as sub-processors. We share data with them only as necessary to deliver our service. Our key processors are:

  • Supabase, Inc.: Provides secure cloud hosting for our database, conversation logs, and knowledge base vector storage. Data is primarily processed in the United States and Germany.
  • OpenAI, L.L.C.: Provides the Large Language Models (LLMs) used to process message content and generate AI responses. Data is primarily processed in the United States.
  • [e.g., DigitalOcean, LLC]: Provides the cloud server infrastructure for hosting our core application logic. Data is processed in the region selected by us (e.g., Germany).

6. Integration with Google API Services

To enhance the functionality of our Platform, Dovera.ai offers optional integration with Google API Services. Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. This section details how we access and use information received from Google APIs with your explicit consent.

  • Google Sheets (Scope: .../auth/spreadsheets): Our application uses this permission to allow you to export your business leads, agent conversation logs, and other data directly into a Google Sheet that you own. This feature requires permission to create new sheets, and to read, write, and update data within sheets generated through our Platform. We do not access, view, or modify any of your Google Sheets that were not created by or for the purpose of our service.
  • Google Calendar (Scope: .../auth/calendar): Our application uses this permission to schedule appointments, meetings, and reminders for you and your clients. This feature requires permission to create new events and read events to avoid scheduling conflicts. We do not access, modify, or delete any calendar events unrelated to our application's functionality.

7. Information Sharing and Legal Compliance

We do not share personal information with third parties except as described in this policy. We may disclose information if required to do so by law or in the good-faith belief that such action is necessary to:

  • Comply with a legal obligation.
  • Protect and defend the rights or property of Dovera.ai or our Clients.
  • Act in urgent circumstances to protect the personal safety of users.

In the event of a request from a public authority for personal data, we are committed to:

  • Reviewing the legality of all such requests.
  • Challenging requests that we deem to be unlawful.
  • Disclosing only the minimum amount of information necessary to comply.
  • Documenting all requests and our responses.

8. Data Retention and Deletion

  • Client Data: We retain our Client's account information for as long as their account is active and for a reasonable period thereafter for legal and accounting purposes.
  • Platform Data (End-User Data): We retain conversation logs on behalf of our Clients as long as their account is active. A Client may request the deletion of their account and all associated conversation data at any time by contacting us. Upon account termination, all associated End-User data will be permanently deleted from our systems within a specified timeframe.

9. Your Rights and Choices

  • For our Clients: You have the right to access, correct, or delete your account information. You can manage your information through your dashboard or by contacting us directly.
  • For End-Users: Dovera.ai is a Data Processor. If you are an End-User and wish to exercise your data rights (access, correction, deletion), please contact the business (our Client) that you were interacting with on WhatsApp or Messenger, as they are the Data Controller.

10. Data Security

We implement industry-standard security measures to protect the information we handle. This includes encryption in transit and at rest, access controls, and regular security reviews. However, no method of transmission over the Internet is 100% secure.

11. Changes to This Privacy Policy

We may update this policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the effective date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at: [email protected]

Thank you for your trust in Dovera.ai. We are committed to protecting your privacy with the highest standards of care.