Privacy Policy
Last Updated: 6 July 2026
This Privacy Policy is prepared by the SixBeesAI product team of SwigCom Technologies Private Limited ("us", "we", "our", or "SixBeesAI", which also includes its affiliates), the author and publisher of the internet resource www.sixbeesai.com (the "Website"), the SixBeesAI mobile application (the "Mobile Application") on the world wide web, as well as the software and applications provided by SwigCom Technologies Private Limited, including but not limited to the mobile application SixBeesAI and the software and applications of the SixBeesAI brand names (together with the Website, referred to as the "Services").
This Privacy Policy explains how SixBeesAI ("SixBeesAI", "we", "us", "our") collects, uses, stores, shares, retains, and deletes information when you use our WhatsApp automation platform and dashboard, WhatsApp Business API integration services, Google Sheets integration features, our website, APIs, and support channels. It includes explicit disclosures required by Google OAuth verification, WhatsApp Business API policies, and international data protection regulations.
1. About Us
SixBeesAI is a WhatsApp automation platform that helps businesses manage customer communications, automate workflows, and integrate with Google Sheets. We process personal data in accordance with applicable data protection laws (GDPR, CCPA, DPDPA, etc.) and are committed to transparency, security, and user control.
2. Key Definitions
- Platform: All services including website, dashboard, APIs, and integrations.
- WhatsApp Data: Messages, contacts, and conversation data processed through WhatsApp Business API.
- Google User Data: Data obtained via Google OAuth scopes you authorize.
- Personal Data: Any information that identifies or relates to you.
- Third-Party Services: External platforms we integrate with (WhatsApp, Google).
3. Data We Collect
3.1 Account Information
- Name and email address
- Phone number (for account verification)
- Company name and business details (optional)
- Login credentials (password hashed and encrypted)
- Account preferences and settings
3.2 Billing Information
- Billing name and email
- Billing address and country
- Subscription plan and pricing information
- Transaction history and invoice records
3.3 Usage Data
- IP address and device information
- Browser type and operating system
- Pages visited and features used
- Timestamps and session duration
- API usage metrics and automation activity
3.4 Technical Data
- Log files and error reports
- Performance metrics
- Cookie identifiers
- Analytics data (aggregated and anonymized)
4. WhatsApp Business Data
4.1 WhatsApp Business Account Connection
When you connect your WhatsApp Business account, we collect:
- WhatsApp Business Account ID
- Phone Number ID
- Business Profile information (name, description, address, etc.)
- Access tokens for WhatsApp Business API
4.2 Contact and Conversation Data
Through WhatsApp Business API, we process:
- Contact Information: Phone numbers, names, profile pictures
- Message Content: Text messages, media files, message timestamps
- Conversation Metadata: Message status, conversation threads, labels/tags
- Custom Attributes: Any custom fields you create to store contact information
4.3 How We Use WhatsApp Data
- Display conversations in your dashboard
- Execute automation workflows you configure
- Synchronize data with Google Sheets (if enabled)
- Provide analytics and reporting on message delivery
- Store conversation history for your reference
- Enable AI chatbot responses (if configured)
4.4 WhatsApp Data We Do NOT Access
- End-to-end encrypted message content beyond what WhatsApp Business API provides
- Personal WhatsApp accounts (only Business API accounts)
- Contact lists not shared through your Business account
- WhatsApp payment information
4.5 WhatsApp Data Retention
- Active conversations: Retained as long as your account is active
- After account deletion: Purged within 30 days
- Backups: May persist in encrypted backups for up to 30 additional days
5. Google User Data & OAuth Integration
5.1 OAuth Scopes Requested
When you connect your Google account, we request:
- auth/spreadsheets – Read/write access to Google Sheets
- auth/drive.file – Access files created/opened by our app
- auth/userinfo.email – Your email address
- openid – Authentication
5.2 Google Data We Access
- Email address (for account identification)
- Spreadsheet names and IDs (to display in selectors)
- Sheet structure (tab names, column headers)
- Cell data in configured rows/columns (for automation)
5.3 How We Use Google Data
- Authenticate your Google account
- List available spreadsheets for selection
- Read data to find rows for updates
- Write WhatsApp data to your sheets
- Maintain synchronization between WhatsApp and Sheets
5.4 Google Data We Do NOT Access
- Gmail messages or email content
- Google Drive files (documents, images, etc.)
- Google Calendar, Contacts, or Photos
- Spreadsheets not explicitly selected by you
5.5 Token Security
- Access tokens (1-hour expiry, auto-refreshed)
- Refresh tokens (encrypted, stored securely)
- Transmitted only via HTTPS/TLS
- Deleted within 24 hours of disconnection
5.6 Disconnecting Google Account
You can revoke our access to your Google account at any time:
- From your dashboard (Settings → Integrations → Disconnect Google)
- From Google directly at Google Account Permissions
6. How We Use Your Data
6.1 Primary Purposes
- Provide Services: Execute WhatsApp automations, sync data with Google Sheets
- Account Management: Authenticate users, manage subscriptions, send service notifications
- Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance
- Service Improvement: Analyze usage patterns, fix bugs, develop new features
- Security: Detect fraud, prevent abuse, protect against security threats
- Legal Compliance: Meet tax obligations, respond to legal requests, enforce Terms of Service
6.2 Marketing Communications (Optional)
With your consent, we may send:
- Product updates and feature announcements
- Educational content and best practices
- Promotional offers (you can opt-out anytime)
6.3 What We Do NOT Do With Your Data
- Sell or rent your personal data to third parties
- Use WhatsApp conversation content for advertising
- Share Google Sheets data with advertisers
- Train AI models on your private conversations (except with explicit consent for AI chatbot features you enable)
- Access your data for purposes unrelated to providing our services
8. Data Security
8.1 Security Measures We Implement
- Encryption: HTTPS/TLS for data in transit, AES-256 for sensitive data at rest
- Access Controls: Role-based permissions, least-privilege principle
- Authentication: Strong password requirements, optional 2FA, secure session management
- Infrastructure: Firewalls, DDoS protection, regular security updates
- Monitoring: Real-time threat detection, audit logs, anomaly alerts
- Data Isolation: Multi-tenant architecture with logical data separation
- Regular Audits: Security assessments and penetration testing
8.2 Your Security Responsibilities
- Keeping your password confidential and secure
- Enabling two-factor authentication (recommended)
- Not sharing your account credentials
- Logging out of shared devices
- Promptly reporting any suspected unauthorized access
- Securing your own devices and internet connections
8.3 Security Disclaimer
9. Data Retention
| Data Type | Retention Period | After Deletion |
|---|---|---|
| Account information | Active account lifetime | 30 days grace period, then deleted |
| WhatsApp conversations | Active account or 90 days inactive | Deleted within 30 days |
| Google OAuth tokens | Until disconnected | Deleted within 24 hours |
| Billing records | 7 years | Cannot be deleted (legal requirement) |
| Usage logs | 30 days rolling | Auto-deleted after 30 days |
| Support tickets | 24 months | Deleted on request |
| Encrypted backups | 30 days | Overwritten after 30 days |
After retention periods expire, data is securely deleted or anonymized. Legal requirements may require us to retain certain data longer.
10. Your Rights and Choices
10.1 Rights Under Data Protection Laws
Depending on your location (GDPR, CCPA, etc.), you may have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your personal data
- Data Portability: Receive your data in a structured, machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to certain types of processing
- Withdraw Consent: Revoke consent for data processing
10.2 How to Exercise Your Rights
- Using settings in your dashboard to update or delete data
- Contacting us at [email protected]
- Disconnecting integrations (WhatsApp, Google) from your account settings
We will respond to requests within 30 days. For complex requests, we may need additional time and will notify you. We may verify your identity before processing requests.
11. International Data Transfers
Our services may involve data transfers to countries outside your own, including:
- United States (cloud hosting, WhatsApp API)
- European Union (Google data centers)
- Singapore (cloud infrastructure)
- Other countries where our service providers operate
When we transfer data internationally, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by data protection authorities
- Encryption in transit and at rest
- Your consent (where required)
12. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information.
13. We Do Not Sell Your Data
14. Changes to This Privacy Policy
When we make material changes, we will:
- Update the "Last Updated" date
- Notify you via email (for significant changes)
- Display a prominent notice on the Platform
Your continued use of the Platform after changes become effective constitutes acceptance of the revised policy.
15. Contact Information
For privacy-related inquiries:
- Email: [email protected]
When contacting us, please include your registered email address, the nature of your request, and any relevant account details. We typically respond within 5-7 business days.
© 2026 SixBeesAI. All rights reserved. This Privacy Policy is part of our Terms of Service.