Privacy Policy

NEOAMYRA AI SOLUTIONS PRIVATE LIMITED (weya.ai)

Last Updated: May 16, 2025 | Effective Date: May 16, 2025

Introduction

NEOAMYRA AI SOLUTIONS PRIVATE LIMITED ("weya.ai," "we," "us," "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered customer experience platform and services.

Who This Applies To:

Business customers who subscribe to our Services

End users who interact with AI agents powered by weya.ai

Website visitors and prospective customers

Partners and service providers

Your Rights: You have rights regarding your personal data including access, correction, deletion, and objection to processing. See Section 8 for details.

Contact Us: privacy@weya.ai

Information We Collect

1.1 Information You Provide Directly

Business Customer Information:

Company name, business address, tax identification

Contact details: names, email addresses, phone numbers

Billing information: payment details, invoicing address

Account credentials: username, password, security questions

Business requirements and preferences

End User Interaction Data (when you contact our clients):

Name, phone number, email address

Voice recordings of calls with AI agents

WhatsApp, SMS, and email message content

Customer service queries and feedback

Transaction or order information shared during conversations

1.2 Information Collected Automatically

Usage and Technical Data:

IP address, device identifiers, browser type and version

Operating system, device model, mobile network information

Session IDs, cookies, and similar tracking technologies

Log files: access times, pages viewed, clicks, navigation paths

Platform usage patterns and feature engagement

Performance data and error reports

Communication Metadata:

Call duration, timestamp, call disposition

Message delivery status and timestamps

Conversation flow and interaction patterns

Session duration and channel used

1.3 Information from Third Parties

Integration data from CRM systems (if authorized by our customers)

Telephony provider metadata (call routing, quality metrics)

Payment processing information from payment gateways

Authentication data from single sign-on providers

Public business information from directories and databases

How We Use Your Information

2.1 To Provide and Improve Services

Operate AI-powered voice, WhatsApp, email, and SMS automation

Process customer interactions and generate conversation transcripts

Provide analytics, insights, and performance reporting

Integrate with customer's CRM and business systems

Deliver technical support and troubleshooting

Send service notifications, updates, and alerts

2.2 Service Improvement and AI Training

Analyze usage patterns to optimize platform performance

Train and improve AI models using anonymized, aggregated data

Develop new features and capabilities

Conduct research and testing

Generate industry benchmarks (anonymized data only)

Note: Customers may opt out of AI training in their Service Agreement (Annexure C). Individual identifiers are removed before data is used for training.

2.3 Business Operations

Process billing, payments, and invoicing

Prevent fraud, security threats, and abuse

Enforce Terms of Service and legal agreements

Comply with legal obligations and respond to lawful requests

Conduct audits and business analysis

2.4 Marketing and Communication (Business Customers Only)

Send product updates, newsletters, and promotional content

Provide information about new features and services

Conduct customer surveys and collect feedback

Host webinars, events, and training sessions

You can opt out of marketing communications at any time using unsubscribe links or by contacting support@weya.ai

.

We do NOT use end-user data (your customers' data) for our own marketing purposes.

Data Retention and Deletion

3.1 Customer Interaction Data (End Users)

Automatic Deletion: Personal data from customer interactions (call recordings, transcripts, messages, contact information) is automatically and permanently deleted 90 calendar days after collection.

What Gets Deleted:

All voice call recordings and audio files

Conversation transcripts

WhatsApp, SMS, email message content

Contact information (phone numbers, emails, names)

Session logs and metadata

Deletion Method: Secure, irreversible deletion from all systems including databases, backups, and logs using industry-standard techniques.

3.2 Business Customer Account Data

Active customer account data retained for duration of Service Agreement

Billing records retained for 7 years for tax and accounting compliance

Contract documents retained as legally required

Upon account termination, data deleted within 30 days except where legal retention required

3.3 Anonymized Data

Aggregated, non-identifiable data may be retained indefinitely for:

Service improvement and optimization

AI model training and development

Industry research and benchmarking

This data cannot be traced back to individuals and does not constitute personal data.

3.4 Your Backup Responsibility

Important for Business Customers: If you need conversation data beyond 90 days for your own compliance or business needs, you must export and backup data before automatic deletion. Export tools available in your dashboard.

How We Share Your Information

4.1 We Do NOT Sell Personal Data

weya.ai does not sell, rent, or trade personal information to third parties for their marketing purposes.

4.2 Service Providers and Sub-processors

We share data with trusted third-party service providers who help us deliver Services:

Infrastructure and Hosting:

Amazon Web Services (AWS)

Microsoft Azure

Google Cloud Platform

Communication Services:

Twilio, Exotel, Kaleyra (telephony)

WhatsApp Business API providers

SMS gateway providers

Business Operations:

Payment processors (Stripe, Razorpay)

Email services (SendGrid, Amazon SES)

Analytics and monitoring tools (Datadog, LogRocket)

CRM and support tools (HubSpot)

All service providers are contractually bound to protect your data and use it only for authorized purposes. See full list at weya.ai/dpa Section 5.

4.3 Business Customers' Access to Their Data

Our business customers (your service provider) have access to their end-user interaction data. They are the data controllers responsible for how they use this data.

4.4 Legal Requirements and Protection

We may disclose information when required by law or to:

Comply with legal obligations, court orders, or regulatory requests

Enforce our Terms of Service and agreements

Protect our rights, property, and safety or that of others

Prevent fraud, security threats, or illegal activities

Respond to emergency situations involving safety

4.5 Business Transfers

In the event of merger, acquisition, reorganization, or sale of assets, personal information may be transferred to the successor entity. We will notify you before your data is transferred and becomes subject to a different privacy policy.

Data Security

5.1 Security Measures

We implement industry-standard security practices:

Technical Safeguards:

AES-256 encryption for data at rest

TLS 1.2+ encryption for data in transit

Multi-factor authentication for administrative access

Role-based access controls and privilege management

Firewalls, intrusion detection/prevention systems

24/7 security monitoring and threat detection

Regular vulnerability scanning and penetration testing

Comprehensive audit logging

Organizational Safeguards:

Security policies and procedures

Personnel confidentiality agreements

Background checks for staff with data access

Regular security awareness training

Incident response and disaster recovery plans

Annual third-party security audits

5.2 Your Responsibility

For Business Customers:

Use strong passwords and enable multi-factor authentication

Protect API keys and authentication credentials

Restrict access to authorized personnel only

Report security concerns immediately to support@weya.ai

For End Users:

Protect your contact information and conversation history

Be cautious about sharing sensitive information in conversations

Report suspicious activity to the business you're interacting with

5.3 No Guarantee

While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security against all threats. You acknowledge the inherent risks of internet and electronic transmission.

International Data Transfers

6.1 Cross-Border Processing

Your data may be transferred to, stored in, and processed in countries where we or our service providers operate, including India, United States, European Union, and other regions.

These countries may have different data protection laws than your jurisdiction.

6.2 Safeguards for International Transfers

For EU Data:

EU Standard Contractual Clauses for transfers outside EEA

Adequacy decisions where available

Appropriate safeguards as required by GDPR

For All Transfers:

Contractual protections with service providers

Encryption and access controls

Compliance with applicable data transfer regulations

6.3 India Operations

weya.ai is headquartered in India and operates under Indian law including the Digital Personal Data Protection Act (DPDPA) 2023. We provide equivalent or superior protections for data subject to GDPR, CCPA, and other international regulations.

Cookies and Tracking Technologies

7.1 What We Use

Essential Cookies:

Session management and authentication

Platform functionality and performance

Security and fraud prevention

Analytics Cookies:

Usage statistics and platform analytics

Error tracking and performance monitoring

Feature engagement and user behavior

Marketing Cookies (Website Only):

Website visitor tracking

Campaign effectiveness measurement

Remarketing and advertising (if applicable)

7.2 Your Choices

Browser Settings: Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling cookies may limit platform functionality.

Opt-Out Tools: You can opt out of third-party analytics cookies through:

Google Analytics Opt-out: tools.google.com/dlpage/gaoptout

Browser privacy settings and extensions

Platform privacy settings

7.3 Do Not Track

Some browsers support "Do Not Track" signals. Our website may not respond to Do Not Track signals, but you can control tracking through cookie settings.

Your Privacy Rights

8.1 Rights Under Applicable Laws

Depending on your jurisdiction, you may have the following rights:

Access: Request confirmation of what personal data we process and obtain a copy

Rectification: Request correction of inaccurate or incomplete data

Erasure: Request deletion of your personal data ("right to be forgotten")

Restriction: Request limitation of how we process your data

Portability: Receive your data in structured, machine-readable format

Objection: Object to processing based on legitimate interests or for direct marketing

Withdraw Consent: Withdraw previously given consent for processing

Opt-Out of Sale/Sharing: (CCPA) Opt out of sale or sharing for cross-context advertising

Non-Discrimination: (CCPA) Not be discriminated against for exercising privacy rights

8.2 How to Exercise Rights

For Business Customers:

Email support@weya.ai

with your request

Log into your account dashboard to manage preferences

Contact your account manager

For End Users (Customers of Our Clients):

Contact the business you interacted with (they are the data controller)

If unable to reach them, email support@weya.ai

and we will assist

Response Time: We respond to verified requests within:

30 days (GDPR)

45 days (CCPA, extendable to 90 days)

As required by applicable law

Verification: We may request information to verify your identity before fulfilling requests.

8.3 Data Deletion Limitations

We cannot recover data that has already been deleted per our 90-day retention policy. We will confirm deletion date if applicable.

Children's Privacy

weya.ai Services are intended for businesses and adults. We do not knowingly collect personal information from children under 18 (or under 13 in certain jurisdictions).

If you believe we have inadvertently collected information from a child, contact us immediately at support@weya.ai

and we will delete such information promptly.

Third-Party Links and Services

Our platform may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to those external sites. We are not responsible for privacy practices of third parties. Review their privacy policies before providing information.

Integrated Services:

CRM systems (HubSpot, Salesforce, etc.)

Communication platforms

Business applications

When you authorize integrations, those providers' privacy policies also apply to data they receive.

Changes to This Privacy Policy

11.1 Updates

We may update this Privacy Policy to reflect:

Changes in our services or business practices

Legal or regulatory requirements

Improvements in privacy protection

Notification:

"Last Updated" date at top of this policy

Email notification for material changes (business customers)

Notice posted on website and in platform

Acceptance: Continued use of Services after changes constitutes acceptance of updated policy. If you disagree with changes, discontinue use and contact us to close your account.

11.2 Version History

Previous versions of this Privacy Policy are available upon request at support@weya.ai

.

Jurisdiction-Specific Information

12.1 India (DPDPA 2023)

weya.ai complies with India's Digital Personal Data Protection Act 2023. Indian residents have rights to access, correction, erasure, and grievance redressal.

Grievance Officer:

Email: support@weya.ai

Address: D-241, Sector 110, Noida - 201301, Uttar Pradesh, India

12.2 European Union (GDPR)

For EU residents, weya.ai acts as a data processor for our business customers. Your business service provider is typically the data controller.

Legal Basis for Processing:

Contract performance

Legitimate interests (service improvement, security)

Legal obligations

Consent (where obtained)

EU Representative: [If applicable, add EU representative details]

Supervisory Authority: You have the right to lodge a complaint with your local Data Protection Authority.

12.3 California (CCPA/CPRA)

California Residents' Rights:

Know what personal information is collected

Know whether personal information is sold or shared

Access personal information

Delete personal information

Opt-out of sale/sharing

Correct inaccurate information

Limit use of sensitive personal information

We Do Not Sell Personal Information: weya.ai does not sell personal information as defined by CCPA.

Authorized Agent: You may designate an authorized agent to submit requests on your behalf. We require written authorization.

Contact Information

General Privacy Inquiries: privacy@weya.ai

Security Concerns: security@weya.ai

Data Subject Requests: Submit requests to privacy@weya.ai

Mailing Address:

NEOAMYRA AI SOLUTIONS PRIVATE LIMITED

D-241, Sector 110

Noida - 201301

Uttar Pradesh, India

Phone:+91 88025 39664

Response Time: We respond to inquiries within 5 business days.

Effective Date and Acceptance

This Privacy Policy is effective as of May 16, 2025.

By using weya.ai Services, visiting our website, or providing personal information to us, you acknowledge that you have read, understood, and agree to this Privacy Policy.

If you do not agree, please discontinue use of our Services immediately.