Data Deletion

At Kharyo AI we respect your right to the deletion of personal data in accordance with the General Data Protection Regulation (GDPR), the Federal Law on Protection of Personal Data (LFPDPPP), and the policies of the Meta/WhatsApp platform.

1. Your Right to Deletion

As a Kharyo AI user, you have the right to request at any time the complete deletion of your personal data and the data processed on your behalf. This right applies regardless of whether your account is active, suspended, or cancelled.

2. Data Subject to Deletion

Upon processing your request, we will permanently delete:

• Account Data: Name, email address, billing information, and access credentials.
• Operation Data: Workflows, automation configurations, chatbots, and their knowledge documents (RAG).
• Communication Data: Conversation history, messages processed via WhatsApp API, interaction logs, and chatbot memory.
• Financial Data: Reconciliation records, payment receipts processed by Vision AI, and transaction logs.
• Contact Data: CRM records, leads, interactions, and contact data stored in your workspace.
• Integration Credentials: OAuth tokens, API keys, and connections with third-party services (Google, Shopify, Slack, etc.).

3. Data Retained by Legal Obligation

Some data may be retained after your deletion request if we are legally required to do so:

• Tax records: Invoices and billing data are retained for the fiscal period required by applicable law (generally 5 years).
• Security logs: Access and audit records may be retained for up to 12 months for security and fraud prevention requirements.
• Anonymized data: Aggregated and anonymized metrics that cannot be used to identify any individual.

4. How to Request Deletion

You can request the deletion of your data in the following ways:

Option A: Email (Recommended)

Send an email to [email protected] with:

• Subject: "Data Deletion Request"
• The email address associated with your account
• Your company/workspace name
• Specify whether you want total or partial deletion

Option B: From Your Control Panel

If you have access to your account, you can navigate to Settings → Account → Delete Account to start the process directly.

Option C: Deletion via Facebook/Meta

If you connected your account through Facebook Login or WhatsApp Embedded Signup, you can also request deletion from your Facebook account settings under "Apps and websites". When you do, Meta will notify us and we will process the deletion automatically.

5. Execution Timelines

• Receipt confirmation: Within 48 business hours of your request.
• Identity verification: 1-3 business days.
• Deletion execution: Maximum 30 calendar days from verification.
• Deletion confirmation: You will receive an email confirming the process was completed.

6. Third-Party Data Deletion

If you are a workspace administrator and request deletion, the data of your team members associated with that workspace will also be deleted. We recommend notifying your team before proceeding.

Data shared with third-party services (Google, Shopify, Slack, etc.) through OAuth integrations is the responsibility of those services once transmitted. We will revoke access tokens, but cannot guarantee deletion on external platforms.

7. WhatsApp-Specific Deletion

In accordance with Meta's policies for Business Solution Providers (BSP):

• Messages processed through the WhatsApp Cloud API are deleted from our servers.
• WhatsApp Business account (WABA) data is unlinked from Kharyo.
• Message templates approved by Meta remain in the client's WABA (not in Kharyo).
• Conversational memory (Redis) is purged immediately.

8. Security Commitment

During the deletion process, your data remains protected under the same security standards we apply during active service: encryption in transit (TLS 1.3) and at rest (AES-256), role-restricted access, and full operations audit.