Privacy Policy

Last updated: October 1, 2025

1. Introduction

Welcome to Xetel AI ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WhatsApp Agent management platform and services.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us when you register on the platform, including:

  • Name and email address
  • Payment and billing information (processed securely through Stripe)
  • Company information (if applicable)
  • Profile information and preferences

2.2 Usage Data

We automatically collect certain information when you use our service:

  • Message content (for AI processing and response generation)
  • Agent configuration data and system prompts
  • Knowledge base documents and content
  • Message logs and conversation history
  • Usage statistics and analytics
  • Device information, browser type, and IP address
  • API usage and MCP server configurations
  • Other third-party details provided during service use

3. How We Use Your Information

We use your information for the following purposes:

  • To provide, operate, and maintain our AI Agent service
  • To process and generate AI-powered responses to customer messages
  • To analyze documents and build knowledge bases for your agents
  • To process payments and manage subscriptions
  • To monitor and analyze usage patterns and service performance
  • To improve, personalize, and expand our service
  • To communicate with you about updates, security alerts, and support
  • To enforce our terms and conditions
  • To comply with legal obligations

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share your information with trusted third-party service providers for:

  • Integration and connectivity
  • Payment processing and subscription management
  • AI model processing for message responses
  • Workflow automation and document processing
  • Secure document and media storage

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Secure API authentication and authorization
  • Regular security audits and vulnerability assessments
  • Access controls and user data isolation
  • Secure document storage with encrypted uploads
  • Regular backup and disaster recovery procedures

However, no method of transmission over the internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for different periods based on your subscription plan:

  • Message Logs: 1-12 months depending on your plan (Starter: 1 month, Business: Unlimited)
  • Knowledge Base Documents: Until you delete them or cancel your account
  • Account Information: Until you delete your account
  • Billing Records: As required by law (typically 7 years)

After account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal information
  • Data Portability: Request a copy of your data in a portable format
  • Objection: Object to processing of your personal information
  • Restriction: Request restriction of processing
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected].

8. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to be informed about data collection and use
  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

Our legal basis for processing your data includes contract performance, legitimate interests, and consent where applicable.

9. CCPA Privacy Rights (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to access your personal information
  • Right to equal service and price
  • Right to request deletion of personal information

We do not sell your personal information to third parties.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our service:

  • Essential Cookies: Required for authentication and security
  • Analytics Cookies: Help us understand how you use our service
  • Preference Cookies: Remember your settings and preferences

You can control cookie preferences through your browser settings.

11. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

[email protected]