RU EN HE

Privacy Policy

Last updated: March 1, 2026

This Privacy Policy describes how WAAI ("we", "us") collects, uses, and protects information when you use our service — an AI agent for WhatsApp and websites.

1. Data We Collect

We may collect the following categories of data:

Account data: name, email address, profile photo (via Google OAuth / Auth0).
Business data: business name, service descriptions, price lists, operating hours, uploaded files.
Conversation data: inbound and outbound WhatsApp messages processed by the AI agent.
Technical data: IP address, browser type, pages visited, session duration.
Payment data: processed exclusively by our payment provider; we do not store card details.

2. How We Use Your Data

Providing and improving the AI agent service.
Processing WhatsApp messages on behalf of your business.
Generating responses using language models — OpenAI, Anthropic, Google Gemini, Mistral, and others — as well as proprietary models trained on real business conversations.
Account authentication and management.
Technical support and service notifications.
Aggregated analytics to improve service quality.

3. Third-Party Data Processors

The following providers are involved in delivering the service:

Meta (WhatsApp Business API) — sending and receiving WhatsApp messages. Governed by Meta's data policy.
Language model providers (OpenAI, Anthropic, Google, Mistral, and others) — AI response generation based on your business context. Governed by the respective provider's data policy.
Auth0 (Okta) — user authentication. Governed by Auth0's data policy.
Hosting provider — server infrastructure located in the EU.

We do not sell or share your data with third parties for marketing purposes.

4. Data Retention and Security

Data is stored on secured Amazon Web Services (AWS) servers. We use encryption (TLS/HTTPS) for all data in transit and apply technical and organizational measures to restrict access. Conversation data is retained for up to 24 months from the last activity, after which it is archived or deleted.

5. Your Rights (GDPR & Israeli Privacy Protection Law)

Access: you may request a copy of your data.
Rectification: you may correct inaccurate data.
Erasure: you may request deletion of your data ("right to be forgotten"). Data deletion instructions: waai.co.il/data-deletion/
Restriction: you may temporarily restrict processing of your data.
Portability: you may receive your data in a machine-readable format.
Withdrawal of consent: you may withdraw consent to data processing at any time.

To exercise your rights, contact us at: privacy@waai.co.il

6. Cookies

We use session and analytics cookies to ensure the service works correctly and to improve user experience. You may disable cookies in your browser settings, though this may affect service functionality.

7. Children's Data

The service is intended exclusively for businesses and individuals aged 18 and over. We do not knowingly collect data from minors.

8. Policy Updates

We may update this Policy from time to time. For material changes, we will notify you by email or through the service interface. Continued use of the service after the update constitutes your acceptance of the revised Policy.

9. Contact

For privacy-related inquiries:
WAAI
Email: privacy@waai.co.il
Website: waai.co.il