Privacy Policy

Last updated: April 13, 2026

1. Introduction

SMFlow ("we", "our", "us") operates the smflow.io platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account Information: When you create an account, we collect your email address and business details you provide during onboarding (business name, description, services, location, working hours).

Messaging Data: We process messages sent between your customers and your business through connected channels (Telegram, WhatsApp). These messages are processed by AI to generate responses and are stored to maintain conversation history.

Usage Data: We collect information about how you use the service, including message counts, feature usage, and interaction patterns.

Channel Credentials: Bot tokens and API credentials you provide to connect messaging channels are stored securely and used solely to operate the messaging service on your behalf.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the SMFlow platform
  • Process and respond to customer messages using AI on your behalf
  • Send you notifications about customer interactions and bookings
  • Improve and develop new features
  • Communicate with you about your account and service updates
  • Comply with legal obligations

4. Data Processing & AI

Customer messages are processed by third-party AI services (OpenAI) to generate automated responses. Messages are sent to these services in real-time and are subject to their respective privacy policies. We do not use your business data or customer messages to train AI models.

5. Data Storage & Security

Your data is stored on secure servers provided by Supabase (hosted on AWS). We use encryption in transit (TLS) and implement appropriate technical and organizational measures to protect your data. Channel credentials (bot tokens) are stored server-side and never exposed to client applications.

6. Data Sharing

We do not sell your data. We share data only with:

  • AI Providers (OpenAI) — to process and generate message responses
  • Messaging Platforms (Telegram, WhatsApp via Meta) — to deliver messages
  • Infrastructure Providers (Supabase, Vercel) — to host and operate the service
  • Email Services (Resend) — to send notifications

7. Your Rights

You have the right to access, correct, or delete your personal data at any time. You can export your conversation data or request account deletion by contacting us at hello@smflow.io.

8. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we remove your data within 30 days, except where retention is required by law.

9. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the platform.

11. Contact Us

If you have questions about this Privacy Policy, contact us at:

hello@smflow.io

SMFlow Support

Always online

Hey there! 👋 I'm SMFlow's AI assistant. Ask me anything about our platform — features, pricing, how it works, or anything else. I'm here to help!
Powered bySMFlow AI