Privacy Policy

Effective Date: January 1, 2025 | Last Updated: January 1, 2025

1. Introduction

LuxBrain AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered WhatsApp commerce platform and related services (collectively, the "Service").

By accessing or using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us, including:

  • Name, email address, phone number, and company information
  • Account credentials and authentication information
  • Payment and billing information (processed securely through third-party providers)
  • Profile information and preferences
  • Communication preferences and settings

2.2 Business Data

When you use our platform, we collect and process:

  • E-commerce store data (products, inventory, orders, customers)
  • WhatsApp conversation data and message content
  • Customer interaction patterns and behavior analytics
  • Sales performance and revenue metrics
  • Marketing campaign data and engagement statistics

2.3 Technical Information

We automatically collect technical information, including:

  • IP addresses, browser type, and device information
  • Usage patterns, feature utilization, and performance metrics
  • Log files, cookies, and similar tracking technologies
  • API usage statistics and integration data

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

  • Provide, operate, and maintain our AI-powered platform
  • Process transactions and manage your account
  • Enable WhatsApp automation and chatbot functionality
  • Generate ML-powered recommendations and insights
  • Facilitate e-commerce integrations (Shopify, WooCommerce)

3.2 Platform Improvement

  • Analyze usage patterns to improve our services
  • Train and enhance our AI and machine learning models
  • Develop new features and functionality
  • Optimize platform performance and reliability

3.3 Communication

  • Send service-related notifications and updates
  • Provide customer support and technical assistance
  • Share product updates and feature announcements
  • Send marketing communications (with your consent)

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in:

  • Cloud hosting and infrastructure (AWS, Google Cloud)
  • Payment processing (Stripe, PayPal)
  • Email and communication services
  • Analytics and monitoring tools
  • Customer support platforms

4.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal obligations and court orders
  • Protect our rights, property, and safety
  • Prevent fraud and security threats
  • Enforce our Terms of Service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement comprehensive security measures to protect your information:

5.1 Technical Safeguards

  • End-to-end encryption for data transmission
  • AES-256 encryption for data at rest
  • Multi-factor authentication (MFA) requirements
  • Regular security audits and penetration testing
  • Secure API endpoints with rate limiting

5.2 Organizational Measures

  • Role-based access control with principle of least privilege
  • Employee security training and background checks
  • Incident response and breach notification procedures
  • Regular backup and disaster recovery testing
  • Compliance with SOC 2 Type II standards

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal obligations and regulatory requirements
  • Resolve disputes and enforce our agreements
  • Improve our services and develop new features

Personal data is typically retained for 7 years after account closure, while anonymized analytics data may be retained indefinitely for service improvement purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

7.1 Access and Portability

  • Request access to your personal information
  • Obtain a copy of your data in a portable format
  • Review how your information is being used

7.2 Correction and Deletion

  • Correct inaccurate or incomplete information
  • Request deletion of your personal data
  • Withdraw consent for data processing

7.3 Communication Preferences

  • Opt-out of marketing communications
  • Manage notification preferences
  • Control cookie and tracking settings

8. International Data Transfers

Our services are hosted on secure cloud infrastructure that may be located in different countries. We ensure that all international data transfers comply with applicable data protection laws through:

  • Standard Contractual Clauses (SCCs) with service providers
  • Adequacy decisions for data transfers to approved countries
  • Additional safeguards for transfers to non-adequate countries
  • Regular assessment of transfer mechanisms and security measures

9. Children's Privacy

Our Service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices in our platform
  • Providing at least 30 days' notice for material changes

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

LuxBrain AI Privacy Team

Email: privacy@luxbrainai.com

Phone: +92 305 7772572

Address: LuxBrain AI, Lahore, Punjab, Pakistan

Response Time: We will respond to your inquiry within 30 days

12. Compliance and Certifications

LuxBrain AI is committed to maintaining the highest standards of data protection and privacy compliance:

  • GDPR Compliance: Full compliance with European General Data Protection Regulation
  • CCPA Compliance: California Consumer Privacy Act compliance for US users
  • SOC 2 Type II: Annual security and availability audits
  • ISO 27001: Information security management system certification
  • HIPAA Ready: Healthcare data protection capabilities for applicable use cases