Privacy Policy

AIBizConnect (“AIBizConnect”, “we”, “us”) operates the platform at app.aibizconnect.app, which helps businesses build websites and manage marketing, customer relationships, messaging, and payments. This policy explains what we collect, why, and the choices you have. It is provided in good faith and is not legal advice; please have it reviewed by your own counsel before relying on it.

Who is responsible for your data

For people who sign up to use AIBizConnect (our customers), we are the data controller. For the contacts, leads, and end-customers that our customers manage inside the platform, our customers are the controller and we act as their processor — we handle that data on their behalf and on their instructions.

Information we collect

• Account & business information — name, email, business details, and settings you provide.
• CRM & content you add — contacts, conversations, appointments, opportunities, invoices, forms, and website content you create or import.
• Connected accounts — when you connect a third-party account (e.g., Facebook/Instagram, Google, Twilio, Stripe), we store the access tokens needed to provide the service. Tokens are encrypted and never shared.
• Messaging data — the content of messages you send or receive through connected channels (SMS, email, Messenger, Instagram, WhatsApp, web chat) so we can show them in your inbox.
• Usage & device data — log data, IP address, and basic analytics to operate and secure the service.

Data obtained through Facebook & Instagram

If you connect a Facebook Page or Instagram business account, we access only what you grant: your Pages, the ability to read and reply to messages, manage posts you authorize, retrieve leads from your lead ads, and read ad insights. This data is used solely to provide the features you enabled (unified inbox, posting, lead capture, reporting). We do not sell it, and we do not use it for advertising or any purpose unrelated to operating your account.

How we use information

• To provide, maintain, and improve the platform and its features.
• To send messages, emails, and other communications that you explicitly initiate or approve — we never send on your behalf automatically.
• To process payments you choose to collect from your own customers.
• To secure the service, prevent abuse, and meter usage for billing.

Service providers

We use trusted subprocessors to run the platform, including: Supabase (database/storage), Vercel and Cloudflare (hosting/CDN), Meta (Facebook/Instagram/WhatsApp), Google (sign-in, contacts, calendar), Twilio (SMS), Resend (email), Stripe and PayPal (payments), and AI providers (OpenAI, Google AI) for generated content. Each receives only the data needed to perform its function.

Data retention

We keep your data for as long as your account is active or as needed to provide the service. You can delete content at any time, and you may request deletion of your account and associated data (see Data Deletion below).

Your rights

You may access, correct, export, or delete your personal data, and withdraw consent for optional processing. To exercise any of these rights, email [email protected]. End-customers of our customers should contact the business they interacted with; we will assist that business in fulfilling the request.

Data deletion

To request deletion of your data, see our Data Deletion instructions. You can also disconnect any connected account at any time in Settings → Integrations, which removes the stored tokens for that account.

Cookies

We use strictly necessary cookies to keep you signed in and to operate the app. We do not use third-party advertising cookies.

Security

We encrypt secrets and access tokens, scope every record to the owning account, and restrict access to authorized personnel. No system is perfectly secure, but we work to protect your data using industry-standard measures.

Changes & contact

We may update this policy and will revise the date above when we do. Questions or requests: [email protected].