Privacy Policy
Terms of Service
Data Processing
Privacy Policy
Last updated: March 28, 2026
Botline ("we", "our", "us") is committed to protecting your privacy. This policy explains how we collect, use, and protect your data when you use our platform.
🔒TL;DR: We only collect what's necessary to run your AI agent. We never sell your data. We never train our AI on your conversations. Your business data stays yours.
1. Information We Collect
| Data Type | What | Why |
|---|
| Account Info | Name, email, business name, password hash | Account creation & authentication |
| WhatsApp Data | Phone number, connection status | Connect your WhatsApp agent |
| Knowledge Base | Documents you upload (PDFs, FAQs, URLs) | Train your AI agent |
| Conversations | Messages between your customers and AI | Deliver AI replies, analytics, lead scoring |
| Usage Data | Message counts, response times, features used | Billing, analytics dashboard, service improvement |
| Payment Info | Processed by Stripe — we never see your card | Subscription billing |
2. How We Use Your Data
- Deliver AI-powered WhatsApp replies to your customers
- Search your knowledge base to find relevant answers (RAG)
- Score leads and track analytics on your dashboard
- Process billing and enforce fair usage limits
- Send you service notifications (never marketing without consent)
- Improve our platform's reliability and performance
3. What We NEVER Do
🚫
We NEVER:
• Sell your data to third parties
• Train AI models on your conversations or knowledge base
• Share your customer data with other Botline tenants
• Access your WhatsApp messages unless you grant support access
• Store payment card details (Stripe handles all payments)
4. AI Model Data Processing
When your AI agent replies to a customer, the conversation is sent to your chosen AI provider (Anthropic, OpenAI, DeepSeek, etc.) for processing. Each provider has their own data policies:
- Botline-managed keys: We use API keys with "no training" agreements. Your data is not used to train models.
- BYOK (your own key): Data is processed under your own agreement with the AI provider. Botline is only the intermediary.
5. Data Storage & Security
- All data encrypted at rest (AES-256) and in transit (TLS 1.3)
- Database hosted on AWS (Singapore region) with automated backups
- Knowledge base embeddings stored in PostgreSQL with pgvector
- API keys and secrets encrypted with AES-256-GCM
- Self-hosted deployments: you control where data is stored
6. Data Retention
| Data | Retention |
|---|
| Conversations | Per your plan (7 days Free, 30 days Starter, 90 days Pro, unlimited Enterprise) |
| Knowledge base | Until you delete it |
| Account data | Until account deletion + 30 days grace period |
| Billing records | 7 years (legal requirement) |
7. Your Rights
You can at any time:
- Export all your data (conversations, knowledge base, analytics)
- Delete your account and all associated data
- Modify your personal information from the dashboard
- Opt out of non-essential communications
8. Cookies
We use only essential cookies for authentication and session management. No tracking cookies, no third-party analytics cookies, no advertising cookies.
Terms of Service
Last updated: March 28, 2026
By using Botline, you agree to these terms. Please read them carefully.
1. Service Description
Botline provides an AI-powered WhatsApp messaging platform that helps businesses automate customer conversations, qualify leads, and book appointments. The service includes a dashboard, knowledge base, AI engine, and integrations.
2. Account Responsibilities
- You must provide accurate business information
- You are responsible for all activity under your account
- You must keep your login credentials secure
- You must be at least 18 years old to use Botline
- One account per business — no account sharing
3. Acceptable Use
You agree NOT to use Botline to:
- Send spam, unsolicited messages, or bulk marketing without consent
- Impersonate another person or business
- Distribute malware, phishing, or fraudulent content
- Violate WhatsApp's Terms of Service or Business Policy
- Use the AI to generate illegal, harmful, or misleading content
- Resell Botline's service without a reseller agreement
- Attempt to reverse-engineer, scrape, or abuse the platform
4. WhatsApp Compliance
🔒Important: Botline enforces Meta's 2026 WhatsApp Business policy. Your AI agent must be task-specific (support, sales, booking) — not a general-purpose chatbot. We reserve the right to suspend accounts that violate WhatsApp's policies.
5. Plans & Billing
- Free plan: 100 messages/month, no credit card required, forever free
- Paid plans: billed monthly or annually via Stripe
- Upgrade/downgrade at any time — changes take effect next billing cycle
- Refunds: pro-rated for annual plans within 14 days. No refunds for monthly.
- Fair usage: exceeding your plan's message limit pauses AI replies until next cycle
6. Intellectual Property
- Your content: You own everything you upload (documents, FAQs, conversations). We don't claim any rights.
- Our platform: Botline's code, design, and brand are our intellectual property.
- AI outputs: AI-generated replies are considered your content for your business use.
7. Limitation of Liability
Botline is provided "as is." While we strive for 99.9% uptime, we cannot guarantee uninterrupted service. We are not liable for:
- AI responses that are inaccurate or inappropriate
- WhatsApp account bans due to policy violations
- Revenue loss from service downtime
- Actions taken by third-party integrations (n8n, OpenClaw)
8. Termination
- You may delete your account at any time from the dashboard
- We may suspend accounts that violate these terms with 7 days notice
- We may immediately suspend accounts involved in fraud or abuse
- Upon termination, your data is retained for 30 days then permanently deleted
9. Changes to Terms
We may update these terms with 30 days notice via email. Continued use after the notice period constitutes acceptance.
Data Processing Agreement
Last updated: March 28, 2026
This DPA applies to the processing of personal data by Botline on behalf of our customers (data controllers).
1. Roles
| Party | Role | Description |
|---|
| You (Tenant) | Data Controller | You determine what data to collect and how your AI agent interacts with customers |
| Botline | Data Processor | We process data on your behalf to deliver the AI messaging service |
| AI Providers | Sub-Processors | Claude (Anthropic), GPT (OpenAI), etc. process messages to generate replies |
2. Sub-Processors
| Provider | Purpose | Location |
|---|
| AWS (Amazon) | Cloud hosting, database, storage | Singapore (ap-southeast-1) |
| Anthropic | Claude AI model (when selected) | United States |
| OpenAI | GPT models (when selected) | United States |
| DeepSeek | DeepSeek models (when selected) | China |
| Stripe | Payment processing | United States |
3. Security Measures
- AES-256 encryption at rest for all databases and storage
- TLS 1.3 encryption in transit for all API calls and data transfers
- Tenant data isolation — no cross-tenant access possible
- Regular security audits and penetration testing
- Automated backups with point-in-time recovery
- Access logging and monitoring via Prometheus/Grafana
4. Data Subject Rights
We assist you in fulfilling data subject requests (access, correction, deletion, portability) from your customers. Contact us at dpa@botline.cc for assistance.
5. Breach Notification
In the event of a data breach affecting your customer data, we will notify you within 72 hours with details of the breach, affected data, and remediation steps.