Privacy Policy

1. Introduction

AiReply Technology ("we," "our," or "us"), a registered MSME (Udyam: UDYAM-GJ-05-0082336), operates the website https://aireply.in and provides AI-powered digital presence services for medical practices. This Privacy Policy explains how we collect, use, store, and protect information when you use our platform.

We are committed to protecting your privacy and complying with the Digital Personal Data Protection Act, 2023 (DPDPA) and all applicable Indian data protection regulations.

2. Information We Collect

2.1 Account Information

• Clinic/practice name, address, and contact details
• Doctor's name, medical registration number, and specialization
• Email address and phone number
• Login credentials (passwords are hashed, never stored in plain text)

2.2 WhatsApp Business API Data

• Patient phone numbers (received via WhatsApp Business API)
• Message content exchanged between patients and the AI receptionist
• Message timestamps and delivery status

WhatsApp data is processed in accordance with Meta's WhatsApp Business API policies. AiReply integrates directly with the Meta Cloud API (not through a third-party BSP). We comply with Meta's Platform Terms and data handling requirements.

2.3 Payment Data

Payment transactions are processed by third-party payment gateways (Razorpay). We do not store credit card numbers, debit card numbers, or UPI PINs on our servers. Payment processors are PCI-DSS compliant. We retain only transaction references (payment ID, amount, date, status) for billing records.

2.4 Usage Data

• Dashboard activity and feature usage
• AI credit consumption
• Content generated (images, posts, ad copy)

3. How We Use Your Information

• To provide and maintain the AiReply platform services
• To operate the AI WhatsApp receptionist on your behalf
• To generate NMC-compliant content (images, posts, ads)
• To manage Meta Ads campaigns (Facebook and Instagram) on your behalf
• To post content to your connected social media accounts (Facebook, Instagram, Threads, Telegram)
• To provide analytics and performance reports
• To communicate with you about your account and service updates
• To improve our AI models and service quality (anonymized data only)

4. Data Storage & Security

• All data is stored on secure servers located in India
• Data is encrypted at rest using AES-256 encryption
• Data in transit is protected using TLS 1.2+
• Access to data is restricted to authorized personnel only
• Regular security audits and vulnerability assessments are conducted
• OAuth tokens for Google and Meta are stored encrypted and are never exposed to end users

5. Data Sharing

We do NOT sell, rent, or trade your personal data to third parties. Data is shared only with:

• Meta (WhatsApp Business API) — to deliver and receive WhatsApp messages
• Meta (Ads API) — to manage advertising campaigns on Facebook and Instagram on your behalf
• Razorpay — to process subscription and top-up payments securely. No card details are stored on AiReply servers.
• Law enforcement — only when required by valid legal process under Indian law

6. DPDPA 2023 Compliance

Under the Digital Personal Data Protection Act, 2023, you have the following rights:

• Right to Access — Request a copy of your personal data
• Right to Correction — Request correction of inaccurate data
• Right to Erasure — Request deletion of your personal data
• Right to Grievance Redressal — File complaints about data handling
• Right to Nominate — Nominate a person to exercise your rights in case of death or incapacity

To exercise any of these rights, contact us at admin@aireply.in.

7. Patient Data

AiReply processes patient messages on behalf of the medical practitioner (data fiduciary). The doctor remains the data fiduciary for patient data under DPDPA 2023. AiReply acts as a data processor.

• Patient data is used solely to provide AI receptionist services
• Patient data is never used for marketing or sold to third parties
• Patient data is encrypted and access-controlled
• Patients can request data deletion through the medical practitioner or directly via admin@aireply.in

8. Cookies & Tracking

AiReply uses essential cookies for authentication and session management. We do not use third-party advertising cookies or tracking pixels on our platform.

9. Data Retention

• Account data is retained as long as the account is active
• WhatsApp message history is retained as long as the account is active. Doctors can manually delete individual conversations or request bulk deletion at any time. Data is never auto-deleted.
• Doctors can manually delete specific conversations, contacts, or their entire account data at any time
• Campaign performance data is retained for the lifetime of the account
• Upon account termination, data is scheduled for deletion in accordance with applicable Indian medico-legal retention requirements. A free data export is provided upon request within 48 hours of termination.
• Upon plan cancellation, a free final data export (CSV/Excel) is provided with 48-hour processing

10. Children's Privacy

AiReply is a business-to-business platform for medical practitioners. We do not knowingly collect data from individuals under the age of 18.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the platform after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions, data requests, or complaints:

• Email: admin@aireply.in
• Phone: +91 99787 39359
• Address: AiReply Technology, 201, Second Floor, Sai Ganga, Near Rasoi Dining Hall, Kalubha Road, Bhavnagar, Gujarat 364001
• Udyam Registration: UDYAM-GJ-05-0082336