Legal

Privacy Policy

Last updated: May 3, 2026

1. Overview

Mentigo provides custom WhatsApp AI chatbot and n8n automation setup services for businesses operating in India. This Privacy Policy explains how we collect, use, store, and protect information while providing our website and services.

2. Information We May Process

Depending on the project, we may process:

  • Business information shared by a client, such as service details, FAQs, workflow rules, and approved response content.
  • Customer conversation data from WhatsApp, such as message text, phone number, profile name, timestamps, message status, and enquiry details.
  • Lead or booking information collected through the chatbot, such as name, city, requirement, preferred date or time, and other fields configured for the client.
  • Technical information required to operate integrations, such as webhook payloads, API responses, logs, workflow errors, and configuration settings.
  • Website usage information such as browser type, device type, pages visited, and basic analytics where enabled.

3. How We Use Information

  • To design, configure, test, operate, troubleshoot, and improve custom WhatsApp chatbot workflows.
  • To generate AI-assisted replies based on approved business information and conversation context.
  • To route leads, enquiries, appointments, or support requests to the tools selected for the client project.
  • To maintain service security, prevent misuse, investigate errors, and comply with applicable laws and platform policies.
  • To communicate with clients through existing business channels regarding project delivery, support, or service changes.

4. WhatsApp and Meta Platform Processing

Our services may integrate with Meta's WhatsApp Business Platform. WhatsApp message delivery and related metadata may be processed by Meta according to its own terms, policies, and privacy practices. Clients are responsible for ensuring that their WhatsApp use, message templates, customer consent, and opt-out handling comply with Meta policies and Indian law.

5. AI and Automation Providers

To provide AI chatbot functionality, message content and context may be sent to AI model providers or automation/integration services selected for the project. We aim to share only the information needed to provide the requested functionality. Each third-party provider may process data according to its own terms and privacy policy.

6. Client Responsibilities

Clients using our services must:

  • Obtain valid customer consent before sending WhatsApp messages.
  • Provide accurate business information for chatbot responses.
  • Avoid using the service for spam, deception, harassment, illegal activity, or unsolicited marketing.
  • Maintain their own customer-facing privacy notices where required.
  • Notify us if a workflow should stop processing specific customer data.

7. Data Storage and Retention

Data may be stored in the systems used for a client project, such as WhatsApp Business Platform, n8n, databases, spreadsheets, CRMs, logs, backups, and connected third-party tools. Retention depends on the project setup, legal requirements, operational needs, and client instructions. We do not intentionally retain customer data longer than necessary for the agreed service.

8. Security

We use reasonable technical and organisational measures to protect information, including access controls, secure credentials handling, encrypted connections where available, and limited access to project systems. No online service can be guaranteed to be completely secure, so clients must also protect their own accounts, credentials, devices, and connected tools.

9. Sharing of Information

We may share information only when necessary:

  • With service providers used to deliver WhatsApp, AI, hosting, analytics, automation, or integration functionality.
  • With the client business for whom the chatbot or automation is configured.
  • When required by law, regulation, legal process, platform policy enforcement, or to protect rights and safety.

10. Rights and Requests

Individuals may request access, correction, deletion, or withdrawal of consent where applicable under Indian law, including the Digital Personal Data Protection Act, 2023 when in force and applicable. For WhatsApp conversations with a client business, requests should first be directed to that business because it controls the customer relationship and message purpose. Existing clients may contact Mentigo through the business communication channel already used for the project.

11. Children

Our services are intended for businesses. We do not knowingly design workflows to collect children's personal data unless the client has a lawful basis and appropriate guardian consent where required.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised date.