Privacy Policy

Last updated: November 22, 2025

This Privacy Policy explains how qayskadhimdda Company L.L.C (“qayskadhimdda — AI Inquiry System”, “we”, “us”, or “our”) collects, uses, and safeguards information in connection with our AI Inquiry and Messaging System for colleges, universities, and businesses, including WhatsApp, web chat, and Facebook Pages auto-reply integrations (the “Service”). This policy is designed for institutional and business customers (the “Customer”) and their end users (e.g., staff, students, and Page followers).

1) Roles & Scope

For most data processed on behalf of a Customer (e.g., student inquiries, uploaded documents, Facebook Page comments), the Customer is the data controller and qayskadhimdda — AI Inquiry System acts as a data processor. For our own website, platform accounts, billing, security, and product analytics, qayskadhimdda — AI Inquiry System is the data controller.

This Policy applies to:

  • Colleges and universities using our AI Inquiry System for student support.
  • Businesses and organizations using our AI messaging features, including WhatsApp and Facebook Pages auto-reply.
  • Visitors and administrators of our web platform.

2) Information We Process

  • Account & Admin Data: name, email, phone, role, login metadata, organization details, and configuration preferences provided by administrators.
  • End-User Messages (WhatsApp, Web Chat, and Other Channels): inquiries and replies sent via WhatsApp, web widget, or other integrated channels, language, timestamps, routing metadata (department/flow), and message status.
  • Facebook Pages & Comments Data (when enabled): Facebook Page ID and Page name; public posts and comments on the connected Page that you authorize us to access (including comment text and public profile name/profile picture URL as provided by Meta); comment IDs, post IDs, reply IDs, timestamps; rules and configuration for auto-reply; and log records of AI-generated replies and whether they were auto-published or manually approved.
  • Knowledge Sources: documents and data uploaded by the Customer (e.g., PDFs, policies, FAQs, menus, product catalogs), their metadata, and embeddings created for AI search.
  • Integration Data: identifiers and metadata required to integrate with third-party platforms, such as:
    • WhatsApp IDs/phone numbers (via Twilio/Meta), message SIDs, delivery status, and system logs.
    • Facebook Page IDs, access tokens or page tokens, subscription status (e.g., which Page is connected), and webhook events for comments and engagement.
    • Other integration identifiers you connect (e.g., calendars, email providers, or analytics tools, if configured).
  • Payments & Subscriptions: billing contact, payment method tokens/last4 (via Stripe), invoices, receipts, wallet top-ups, storage subscriptions, and related transaction data.
  • Usage & Analytics: feature usage, error logs, performance metrics, storage consumption, and aggregated statistics (including Algolia-based search or analytics over conversation logs where enabled).
  • Technical Data: IP address, device/browser information, operating system, access times, and cookies or local storage used for authentication and session management.

3) How We Use Information

  • Provide, operate, and secure the Service.
  • Route and respond to inquiries correctly according to your configuration (e.g., department, product line, or support flow).
  • Generate responses using AI models from verified sources uploaded or configured by the Customer.
  • Enable automated or suggested replies on integrated channels, including:
    • WhatsApp messaging flows.
    • Web chat widgets.
    • Facebook Pages auto-reply to public comments (when enabled by the Page admin).
  • Manage subscriptions, invoices, wallet balances, and storage.
  • Monitor service quality, detect abuse, and improve AI accuracy and reliability.
  • Provide customer support and notify you about important changes or incidents.
  • Comply with legal obligations and enforce terms and policies.

We do not use Facebook Page data or WhatsApp message content to create independent marketing profiles about your users or to sell their personal data to third parties.

4) Legal Bases

Where applicable (e.g., GDPR), we rely on one or more of the following legal bases to process personal data: performance of a contract (providing the Service to the Customer), legitimate interests (e.g., security, fraud prevention, service improvement), consent (where obtained by the Customer or required by law), and compliance with legal obligations.

Where we act as a processor, the Customer is responsible for providing any required notices and obtaining any required consents from their end users.

5) Subprocessors & Key Services

We use trusted providers to deliver the Service. Depending on your configuration, these can include:

  • Google Cloud (hosting, Cloud Functions/Run)
  • Firebase (Firestore, Storage, Auth)
  • OpenAI (LLM processing of inquiries and comments)
  • Twilio & Meta WhatsApp Business (messaging transport)
  • Meta / Facebook Platform (Facebook Pages and Messenger Platform APIs for comments and engagement, when you connect a Page)
  • Stripe (payments, subscriptions, invoicing)
  • SendGrid (transactional email)
  • Algolia (search/analytics for logs, if enabled)

We maintain agreements and security commitments with these providers. A detailed subprocessor list and a Data Processing Addendum (DPA) are available on request.

6) Facebook Pages & Messenger Platform Integration

When you connect a Facebook Page to our Service:

  • We receive a limited set of permissions to retrieve the list of Pages you manage, read comments and engagement on the selected Page(s), subscribe/unsubscribe our app to the Page's webhooks, and publish replies as the Page according to your settings.
  • We use this access solely to detect new comments that match your rules, process the comment text with OpenAI and your configured knowledge base, and generate a relevant reply that is either auto-published as the Page or presented to you for manual review (if you choose that mode).

We do not use Page data to contact commenters outside of Facebook, sell Facebook data, or share it with third parties other than our subprocessors acting on our behalf as described above.

You can revoke our access to a Page at any time by disconnecting the integration from within our dashboard and/or removing the app from your Facebook settings (Business Integrations / Apps). If you disconnect a Page, we will stop receiving new data from that Page. You may also request deletion of stored logs or Page-related data associated with your account by contacting us at info@qayskadhimdda.com. Subject to legal and technical limits, we will delete or anonymize such data within a reasonable period.

We strive to comply with Meta's Platform Terms and Messenger Platform policies. Our use of Facebook data is limited to providing the features described in this Policy and our product documentation.

7) Retention

We retain data for as long as necessary to provide the Service, fulfill contractual or legal obligations, resolve disputes, and enforce agreements. Customers may request deletion of conversation logs, uploaded sources, and integration data (including Facebook Page–related data) subject to legal and technical limits. Where we act as a processor, deletion requests should generally be initiated by the Customer.

8) Security

We implement administrative, technical, and physical safeguards, including role-based access, encryption in transit, audit logs, and continuous monitoring. No method of transmission or storage is 100% secure; we work to protect your data but cannot guarantee absolute security.

9) International Transfers

Data may be processed in jurisdictions outside your country (including the EU/EEA, US, and the UAE). Where required, we rely on appropriate safeguards such as contractual measures (e.g., Standard Contractual Clauses or equivalent).

10) Children’s Privacy

The Service is intended for higher-education institutions and businesses. We do not knowingly collect personal data from children under the applicable age of consent. Customers are responsible for ensuring lawful processing of end-user data under local regulations.

11) Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict your personal data, or to object to certain processing. Where we act as processor (e.g., for student inquiries or Page comments), please contact your institution or the Page owner directly; we will support the Customer in fulfilling such requests. Where we are controller (e.g., for billing contacts and admin accounts), you may contact us at info@qayskadhimdda.com.

12) Cookies & Similar Technologies

We use strictly necessary cookies or local storage for authentication and session management, and may use analytics in aggregated form to improve the Service. You can control cookies via your browser settings; some features may not work without them.

13) Changes to this Policy

We may update this Policy to reflect changes to our practices or legal requirements. Material changes will be communicated through the product or by email, and the “Last updated” date will be revised.

14) Contact Us

qayskadhimdda Company L.L.C, Dubai, United Arab Emirates. Email: info@qayskadhimdda.com.

This document is provided for informational purposes only and does not constitute legal advice. Please consult your counsel for specific guidance.

← Back to Home