Legal
Privacy Policy
Effective date: May 2026 · SoftRivo · contact@softrivo.com
1. Introduction
SoftRivo ("we", "us", or "our") operates the AI SMEs platform — a WhatsApp AI chatbot SaaS that enables businesses to deploy AI-powered customer service bots via WhatsApp. Our website is located at https://softrivo.com.
This Privacy Policy explains how we collect, use, store, and protect personal data when you use our platform as a business subscriber, and how we handle data belonging to the end users who interact with chatbots deployed by our clients. By using AI SMEs, you agree to the practices described in this policy.
2. Data We Collect
From business clients (platform subscribers):
- Name, email address, and business name
- WhatsApp Business Account credentials (stored encrypted)
- Uploaded business documents such as FAQ files, menus, and price lists
- Payment information — collected manually via DuitNow or bank transfer; not stored digitally by SoftRivo
- Usage data for billing purposes (conversation counts, file uploads)
From end users (customers who interact with client-deployed chatbots):
- WhatsApp phone number
- Message content (processed to generate AI responses and capture leads)
- Name and contact details if voluntarily shared during a conversation
- Conversation history with the chatbot
3. How We Use Data
- To operate and deliver the AI chatbot service to our business clients
- To generate AI responses using Anthropic's Claude API based on uploaded business content
- To capture lead information and deliver it to the relevant business owner
- To send notifications to business owners via WhatsApp and email
- To track usage for billing and service management
We do not sell personal data to third parties. We do not use any collected data for advertising or marketing purposes unrelated to our own services.
4. Third-Party Services
To operate the AI SMEs platform, we share certain data with the following third-party services. Each is bound by its own privacy policy.
| Service | Purpose | Data Shared | Policy |
|---|---|---|---|
| Meta / WhatsApp | Message routing via WhatsApp Business API | Message content, phone numbers | View |
| Anthropic Claude | AI response generation | Message text from conversations | View |
| OpenAI | Embedding generation for document search | Chunks of uploaded document text | View |
| Supabase | Database and file storage | All platform data | View |
| Resend | Email notifications to business owners | Owner email address, lead details | View |
5. WhatsApp Data and Meta Platform Policy
We access WhatsApp messages solely to provide the AI chatbot service on behalf of our business clients. Message data is not used for any purpose beyond service delivery.
SoftRivo complies with Meta's Platform Terms of Service and the WhatsApp Business Policy. Our use of the WhatsApp Business API is limited to the features and permissions required to operate the chatbot, capture leads, and notify business owners.
End users who wish to request deletion of their conversation data may contact us at contact@softrivo.com. We will process deletion requests within 30 days.
6. Data Retention
- Client account data: Retained while the account is active, plus 60 days after cancellation.
- Conversation data: Retained for 12 months from the date of each conversation.
- Uploaded files (FAQ, menus, price lists): Retained while the client account is active.
- Lead data: Retained while the client account is active.
After the applicable retention period expires, data is permanently deleted from our systems and those of our sub-processors.
7. Data Security
- All Meta API tokens and credentials are stored encrypted at rest
- Our database (Supabase) is protected by Row Level Security (RLS)
- HTTPS is enforced on all endpoints — data in transit is encrypted via TLS
- Service keys and secrets are never exposed publicly
While we implement strong security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security and encourage clients to use strong passwords and protect their account credentials.
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your data (subject to legal and operational retention requirements)
- Object to or restrict certain processing activities
To exercise any of these rights, contact us at contact@softrivo.com. We will respond within 30 days.
9. Children's Privacy
The AI SMEs platform is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided personal data through our platform, please contact us and we will take steps to delete the information promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will post the updated policy on this page with a revised effective date. For material changes, we will notify active clients via email.
Continued use of the AI SMEs platform after a policy update constitutes acceptance of the revised policy.
11. Contact
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:
- Company: SoftRivo
- Email: contact@softrivo.com
- Website: https://softrivo.com