Privacy Policy — BotsBand

Last updated: 05.12.2025

This Privacy Policy explains how BotsBand (referred to as “Company”, “we”, “us”, “our”) collects, uses, stores, and protects personal data of users interacting with our chatbots developed for Meta platforms (Facebook Messenger, Instagram Direct) and WhatsApp, as well as visitors of our website.

We respect your privacy and are committed to protecting personal information in accordance with applicable data protection laws, including the laws of Ukraine, the EU General Data Protection Regulation (GDPR), and Meta/WhatsApp data processing policies.

1. Information We Collect

We may collect and process the following categories of personal data depending on chatbot functionality and integration settings.

1.1. Information provided by users voluntarily

• name, surname, or nickname;
• phone number (especially relevant for WhatsApp and Meta Business APIs);
• email address;
• other contact details;
• any information and content sent in chatbot messages (text, images, audio, video, files, etc.).

1.2. Automatically collected data

• Meta/Facebook/Instagram user ID, WhatsApp Business ID or internal user identifier;
• device information (type, operating system, browser type, language settings);
• timestamps and logs of interactions with the chatbot;
• chatbot usage data (clicked buttons, conversation flows, submitted forms, issued commands);
• WhatsApp Business API data (messages, delivery/read status, linkage to phone number).

1.3. Third-party data (with permission)

• data from integrated systems such as CRM, ERP, ticketing tools, or Google Sheets;
• data shared by the business client (our customer) who owns the chatbot and acts as data controller;
• additional information required to provide automation or support services as agreed with the client.

2. Purpose of Data Processing

We process personal data solely to provide, maintain, and improve our services. Data may be used for:

• ensuring the technical operation of chatbots on WhatsApp, Facebook Messenger, and Instagram Direct;
• handling user requests, support conversations, and service communications;
• automation of requests, forms, bookings, or orders through chatbots;
• analytics, reporting, and improvement of chatbot performance and user experience;
• sending service notifications or marketing messages (only with the user’s consent and in line with Meta/WhatsApp policies);
• ensuring security, preventing fraud and misuse of the service;
• fulfilling contractual obligations with our business clients.

3. Data Sharing and Disclosure

We do not sell or rent personal data to third parties. We may share data only in the following cases:

• Technical service providers – such as hosting providers, infrastructure providers, and integration partners (including APIs for Meta and WhatsApp) strictly for the purpose of operating the service.
• Business client (data controller) – when the chatbot is developed for a company that is the owner of the bot and determines purposes and means of processing.
• Legal requirements – when disclosure is required by applicable law, court order, or competent authority.
• With consent – when the user or client explicitly agrees to share data with another party.

Meta and WhatsApp may independently process data according to their own privacy policies and terms of service. We encourage you to review the privacy policies of these platforms.

4. Legal Basis for Processing (GDPR, where applicable)

Where the GDPR applies, we rely on one or more of the following legal bases for processing:

• performance of a contract or taking steps at the request of the data subject prior to entering into a contract;
• legitimate interests pursued by us or our clients, provided that such interests are not overridden by your rights and freedoms;
• compliance with a legal obligation;
• your consent, where explicitly requested (e.g. for marketing communications).

5. Data Retention

We store personal data only for as long as necessary for the purposes described in this Policy or in accordance with retention periods defined by our business clients (data controllers), unless a longer period is required or permitted by law.

In particular, data may be kept:

• for the duration of the chatbot project and active services;
• until the user requests deletion of their data, where applicable;
• for the period necessary to comply with legal obligations or resolve disputes.

6. Data Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures may include:

• use of secure servers and encryption (e.g. SSL/TLS);
• access control and authentication for internal systems;
• logging and monitoring of system activities;
• internal policies and staff training regarding data protection.

However, no method of data transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

7. User Rights

Depending on your jurisdiction and applicable law (including GDPR, where relevant), you may have the right to:

• request access to your personal data that we process;
• request correction (rectification) of inaccurate or incomplete data;
• request deletion (“right to be forgotten”) in certain circumstances;
• restrict or object to processing of your data in certain cases;
• withdraw your consent at any time, where processing is based on consent;
• receive a copy of your data in a structured, commonly used and machine-readable format (data portability);
• lodge a complaint with a competent data protection authority.

To exercise your rights, please contact us using the contact details provided in Section 10. If the chatbot is implemented for a specific business client, we may redirect your request to that client as the data controller.

8. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to enhance user experience and analyze website traffic. Cookies may be used for:

• ensuring proper website functionality and performance;
• remembering user preferences and settings;
• analytics and statistics (e.g. using tools such as Google Analytics or Meta Pixel);
• measuring the effectiveness of campaigns and improving our services.

You can manage or disable cookies via your browser settings. Please note that disabling cookies may affect the functionality of some parts of the website.

9. International Data Transfers

Our services and infrastructure may involve the transfer of personal data to countries outside your country of residence, including countries that may not provide the same level of data protection as your jurisdiction. Where required, we will take appropriate safeguards to ensure that such transfers comply with applicable data protection laws (for example, by using standard contractual clauses approved by the European Commission).

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our data processing practices, or the functionality of our services.

The latest version of this Policy will always be available on our website. Continued use of our services after the Policy has been updated constitutes your acceptance of the revised terms.

11. Contact Information

If you have any questions regarding this Privacy Policy or the processing of your personal data, please contact us:

BotsBand
Email: master.account@botsband.online
Website: https://botsband.online
Telegram: https://t.me/Rostyslav_Tuchak