Get Started
HomeFeaturesHow It WorksPricingAboutContactGet Started

Privacy Policy

Last updated: March 2026

Table of Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Data Storage & Security
  5. Data Sharing
  6. Customer Data Ownership
  7. Data Retention
  8. Data Breach Notification
  9. Information Security Management
  10. Privacy by Design
  11. Cookies & Analytics
  12. Your Rights
  13. No Refund Policy
  14. Changes to This Policy
  15. Contact Us

1. Introduction

Welcome to WardiereAI, a product by WARDIERE Technologies. We are committed to protecting your privacy and ensuring the security of your personal and business data.

This Privacy Policy explains how we collect, use, store, and protect information when you use our WhatsApp AI agent platform and related services. By using WardiereAI, you agree to the practices described in this policy.

WardiereAI provides custom-built WhatsApp AI agents for businesses. We build, train, and maintain AI agents that operate on the WhatsApp Business platform to help businesses automate customer interactions, schedule appointments, and manage communications.

This policy applies to all users of WardiereAI services, including business customers, their end-users who interact with AI agents via WhatsApp, and visitors to our website.

Data Controller & Data Processor Roles

In the context of GDPR, the customer (you) acts as the Data Controller for your end-customer data processed through the WhatsApp AI agent. WARDIERE Technologies acts as the Data Processor, processing data on your behalf and according to your instructions. For data we collect directly from you (e.g. account information, billing), WARDIERE Technologies acts as the Data Controller.

2. Information We Collect

Business Information

When you sign up for WardiereAI, we collect information about your business to build and configure your custom AI agent:

  • Business name, industry, and description
  • Business address and operating hours
  • Products, services, and pricing information
  • FAQs, knowledge base content, and training materials you provide
  • Brand guidelines and communication preferences

WhatsApp Conversation Data

To deliver and improve our AI agent services, we process:

  • Messages exchanged between your customers and your AI agent
  • Conversation metadata (timestamps, message status)
  • Media files shared during conversations (images, documents, voice notes)
  • Conversation flow and interaction patterns

Contact Details

  • Name, email address, and phone number of business representatives
  • Billing and payment information
  • Account credentials

Usage Data

  • Service usage statistics and analytics
  • AI agent performance metrics
  • Website browsing data (pages visited, time on site)
  • Device information and IP address

3. How We Use Your Information

We use the information we collect for the following purposes:

Building & Training AI Agents

  • To build, configure, and customize your WhatsApp AI agent
  • To train the AI model on your business-specific knowledge and data
  • To improve AI response accuracy and conversation quality
  • To update and retrain agents as your business information changes

Maintaining & Improving Service

  • To monitor AI agent performance and uptime
  • To identify and resolve technical issues
  • To optimize response times and service reliability
  • To develop new features and improve existing capabilities

Customer Support

  • To respond to your inquiries and support requests
  • To provide onboarding assistance and training
  • To send important service updates and notifications
  • To communicate about billing and account matters

Lawful Basis for Processing

Under GDPR Article 6, we rely on the following lawful bases when processing your personal data:

  • Contract performance — Processing is necessary to deliver the AI agent service as agreed under your subscription or service agreement.
  • Legitimate interest — Processing is necessary for our legitimate interests in improving and maintaining the service, provided these interests are not overridden by your fundamental rights and freedoms.
  • Legal obligation — Processing is necessary to comply with applicable laws, regulations, and legal requirements.
  • Consent — Where you have explicitly given consent, such as for receiving marketing communications. You may withdraw your consent at any time.

4. Data Storage & Security

We take data security seriously and implement robust measures to protect your information.

Customer-Owned Infrastructure

Where applicable, WardiereAI deploys AI agents on customer-owned or customer-designated infrastructure. This means your data remains within systems you control, providing an additional layer of data sovereignty.

Regional Server Isolation

We maintain regional server isolation to ensure that your data is processed and stored in compliance with local data protection regulations. Data does not leave the designated region without explicit authorization.

Customer-Owned API Keys

All API keys and credentials used to connect to third-party services (such as the WhatsApp Business API) are owned and controlled by the customer. We do not retain copies of your API keys beyond what is necessary for the active operation of your AI agent.

Encryption

  • All data in transit is encrypted using TLS 1.2 or higher
  • Data at rest is encrypted using AES-256 encryption
  • API keys and sensitive credentials are stored using industry-standard encryption and secret management practices
  • Regular security audits and vulnerability assessments are conducted

Cross-Border Data Transfers

For customers located in the European Economic Area (EEA), United Kingdom, or Switzerland, any transfer of personal data outside these regions is conducted using appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on the recipient country's adequacy decision where applicable.

5. Data Sharing

We do not sell, rent, or trade your personal or business data to any third parties.

We may share data with the following third-party services only as necessary to deliver our services:

  • WhatsApp Business API (Meta) — Required to send and receive messages through WhatsApp. Subject to Meta's own privacy policies. All WhatsApp Business API usage costs (including per-conversation fees, message template fees, and phone number hosting charges) are borne entirely by the customer on actuals and are not included in the WardiereAI subscription.
  • Google Meet API — Used for scheduling and managing video consultations and meetings when this feature is enabled for your AI agent.
  • N8N (Workflow Automation) — Used to orchestrate workflows and integrations between services as part of your AI agent's functionality.
  • AI / LLM API Providers (Anthropic, OpenAI, xAI, Google, etc.) — Your AI agent may use third-party Large Language Model services such as Claude, ChatGPT, Grok, Gemini, or other models for custom training and handling customer queries. Data shared with these providers is limited to what is necessary for generating responses and is subject to the respective provider's privacy policies and data processing terms. All LLM API usage costs (including per-token fees, per-request fees, and fine-tuning charges) are borne entirely by the customer on actuals and are not included in the WardiereAI subscription.

We carefully vet all third-party service providers and ensure they meet our data protection standards. We only share the minimum amount of data required for each service to function.

Sub-Processors

The following entities act as sub-processors in delivering our service. We maintain Data Processing Agreements with each:

  • Meta Platforms — WhatsApp Business API
  • Google LLC — Calendar, Meet, Sheets
  • N8N GmbH — Workflow automation
  • AI / LLM Providers (Anthropic, OpenAI, xAI, Google, or others as selected) — Large Language Model API services for AI agent training and customer query handling. The specific provider depends on the model chosen for your agent.

We will notify customers at least 30 days before engaging any new sub-processor.

We may also disclose information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of WARDIERE Technologies, our customers, or the public.

6. Customer Data Ownership

You own all of your data. WARDIERE Technologies does not claim ownership of any customer data.

As a WardiereAI customer, you retain full ownership of:

  • All conversation data — Every message, interaction, and conversation log generated through your AI agent belongs to you.
  • Conversation logs & analytics — All historical data, reports, and analytics derived from your AI agent's interactions are your property.
  • API credentials — All API keys, tokens, and authentication credentials used to operate your AI agent are owned and controlled by you.
  • Business knowledge & training data — Any content, documents, or information you provide to train your AI agent remains your intellectual property.

Upon termination of your service, you may request a complete export of all your data. We will provide your data in a standard, machine-readable format within 30 days of the request. After export and confirmation, we will securely delete your data from our systems.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The following specific retention periods apply:

  • Active customer data — Retained for the duration of the subscription.
  • Conversation logs — Retained for the duration of the subscription plus 30 days after termination.
  • Account and billing data — Retained for 7 years for tax and legal compliance.
  • Support tickets — Retained for 2 years after resolution.

After the applicable retention periods expire, data is permanently and securely deleted using industry-standard data destruction methods.

8. Data Breach Notification

We will notify affected customers within 72 hours of becoming aware of a personal data breach, in accordance with GDPR Articles 33–34. The notification will include:

  • The nature of the personal data breach
  • The categories of data affected
  • The approximate number of records involved
  • The likely consequences of the breach
  • The measures taken or proposed to address the breach and mitigate its effects

We will also cooperate with you in notifying relevant supervisory authorities and data subjects as required by applicable law.

Incident Response

We maintain a documented incident response plan that includes identification, containment, eradication, recovery, and post-incident review. Security events are logged and monitored continuously. Critical incidents are escalated within 1 hour of detection.

9. Information Security Management

WARDIERE Technologies maintains an Information Security Management System (ISMS) aligned with ISO 27001 standards. This includes:

  • Documented security policies and procedures
  • Regular risk assessments and risk treatment plans
  • Access control procedures based on the principle of least privilege
  • Employee security awareness training
  • Vulnerability management and patch management
  • Continuous monitoring of systems and networks

Our ISMS is subject to regular internal audits and periodic external assessments to ensure ongoing effectiveness and compliance.

10. Privacy by Design

We follow privacy by design principles as outlined in GDPR Article 25, embedding data protection into all stages of product development and service delivery. This means that privacy considerations are integrated from the earliest stages of system design, rather than being added as an afterthought.

11. Cookies & Analytics

Our website uses minimal cookies to ensure a smooth browsing experience.

Essential Cookies

These cookies are necessary for the website to function properly. They enable basic features such as page navigation, session management, and security. You cannot opt out of essential cookies.

Analytics

We may use analytics tools to understand how visitors interact with our website. This helps us improve our content and user experience. Analytics data is collected in aggregate and does not personally identify individual users.

You can control cookie preferences through your browser settings. Disabling non-essential cookies will not affect the core functionality of our website.

12. Your Rights

Under applicable data protection laws, including the General Data Protection Regulation (GDPR) and other regional regulations, you have the following rights:

  • Right of Access — You can request a copy of the personal data we hold about you at any time.
  • Right to Rectification — You can request that we correct any inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten) — You can request the deletion of your personal data, subject to any legal obligations we may have to retain certain records.
  • Right to Data Portability — You can request your data in a structured, commonly used, and machine-readable format for transfer to another service provider.
  • Right to Restrict Processing — You can request that we limit the processing of your personal data under certain circumstances.
  • Right to Object — You can object to the processing of your personal data for specific purposes, including direct marketing.
  • Right to Withdraw Consent — Where processing is based on your consent, you can withdraw that consent at any time.

You also have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement if you believe our processing of your personal data violates applicable data protection laws.

To exercise any of these rights, please contact us using the details provided in the Contact Us section below. We will respond to your request within 30 days.

13. No Refund Policy

All payments made to WARDIERE Technologies for WardiereAI services are final and non-refundable. By purchasing any subscription plan or AI agent build service, you acknowledge and agree to the following:

  • Once a subscription is activated, no refunds will be issued for any remaining period of the subscription, whether it is monthly or annual.
  • Once an AI agent build has commenced, no refunds will be issued, regardless of the stage of completion.
  • Setup fees, onboarding charges, and any one-time payments are non-refundable once the service engagement has begun.
  • Downgrading or canceling your plan does not entitle you to a refund for any prior payments.

We strongly encourage all prospective customers to take advantage of our free consultation and live demo to thoroughly evaluate our service before making a purchase commitment. Our team is available to answer any questions and provide a detailed walkthrough of features and capabilities so you can make an informed decision.

If you have any concerns about the service before committing, please contact us at [email protected].

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify active customers via email of any material changes
  • Post a notice on our website for significant updates

We encourage you to review this Privacy Policy periodically. Your continued use of WardiereAI services after any changes indicates your acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

WARDIERE Technologies
Jurisdiction: India

We aim to respond to all privacy-related inquiries within 30 days.

Effective Date: March 2026 • WARDIERE Technologies • India