Privacy Policy

Last updated: 30 April 2025

RepFlow AI ("we", "our", or "us") operates a WhatsApp-based sales automation service for pharmaceutical sales teams. This Privacy Policy explains what information we collect, how we use it, and your rights.

1. Information We Collect

When you use RepFlow AI via WhatsApp, we may collect and process the following:

• WhatsApp phone number — used to identify your account and route messages.
• Message content — the text messages you send to RepFlow AI (orders, commands, product queries). These are processed to fulfil your requests.
• Order data — customer names, product names, quantities, and pricing as entered by you.
• Usage metadata — timestamps of messages, command types used, and error logs for debugging.
• Business information — your name and role as a sales representative, provided during account setup.

We do not collect payment card details, passwords, or sensitive personal health information.

2. How We Use Your Information

• To process and confirm sales orders on your behalf.
• To match product names and customer names against your company's database.
• To generate order references, track deliveries, and maintain order history.
• To improve accuracy of the AI-powered product matching system.
• To diagnose and fix technical issues.
• To communicate service updates or critical notifications.

3. Data Storage and Security

Your data is stored securely in a Supabase (PostgreSQL) database with Row Level Security (RLS) enabled. All connections are encrypted via TLS/HTTPS. We do not store your WhatsApp messages beyond what is required to process and confirm your requests.

We apply industry-standard security practices including encrypted storage, access controls, and regular security reviews.

4. Data Sharing

We do not sell your personal data. We may share data with the following third parties solely to operate the service:

• Twilio / Meta (WhatsApp) — to send and receive WhatsApp messages.
• Supabase — for secure database hosting.
• Railway / cloud infrastructure — for application hosting.
• Anthropic — for AI-powered text processing (only anonymised product name queries, no order totals or customer PII).

All third-party processors are bound by their own privacy and data protection commitments.

5. Data Retention

We retain order data for as long as your organisation's account is active plus a period of 12 months. Message logs used for deduplication are retained for 30 days. You may request deletion of your data at any time (see Section 7).

6. WhatsApp Messaging

By using RepFlow AI, you agree that your WhatsApp messages are processed by Meta Platforms, Inc. under their Privacy Policy. RepFlow AI uses the official WhatsApp Business API provided by Meta.

7. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data ("right to be forgotten").
• Object to or restrict certain processing.
• Data portability — receive your data in a structured format.

To exercise any of these rights, contact us at privacy@repflowaai.com.

8. Cookies

This website (repflowaai.com) does not use tracking cookies or third-party analytics. We do not use cookies for advertising purposes.

9. Children's Privacy

RepFlow AI is a business-to-business service intended for professional use only. We do not knowingly collect data from anyone under the age of 18.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active users of material changes via WhatsApp or email. Continued use of the service after changes constitutes acceptance.

11. Contact Us

If you have any questions about this Privacy Policy, please contact:

RepFlow AI
Email: privacy@repflowaai.com
Website: repflowaai.com