Privacy Policy

2.1 Account Information

When you create an account, we collect:

• Full name and display name
• Email address
• Password (encrypted and hashed)
• Business name, address, and contact information
• Payment and billing information (processed securely via Stripe)

2.2 Third-Party Platform Data

When you connect your business profiles, we access data from these platforms with your authorization:

• Google Business Profile: Business information, reviews, ratings, and responses
• Meta (Facebook/Instagram): Page information, reviews, recommendations, messages, comments, and page insights
• TikTok: Business account information, comments, and mentions

2.3 Usage and Technical Data

We automatically collect certain information when you use our Service, including IP address, browser type and version, device information, operating system, pages visited and features used, date and time of access, and referral URLs. This data helps us improve our Service and ensure security.

3.1 AI-Assisted Content Generation (Human-in-the-Loop)

ALTYAA uses Artificial Intelligence (AI) to analyze customer sentiment and generate suggested drafts for review replies and social media posts. When you use our AI reply assistance feature, your review and comment text is processed by our AI service provider to generate draft response suggestions. This processing is temporary and occurs only when you explicitly request suggestions.

User Control: All AI-generated content is provided as a draft only. Users must manually review, edit (if desired), and approve all content before it is published to any Meta platform or other connected service. We do not use fully automated AI agents to post content without human intervention.

Data Usage: We do not use your private Meta Platform Data or your customers' personal information to train third-party AI models. Data sent to AI processors is used only for real-time generation and is handled according to our secure data processing agreements.

4.1 Google Business Profile

We use Google's APIs to access your business profile data. Our use of Google user data is limited to the practices explicitly disclosed in this privacy policy. We comply with Google API Services User Data Policy, including the Limited Use requirements.

Data accessed includes:

• Business profile information (name, address, categories)
• Customer reviews and ratings
• Your review responses

4.2 Meta Platform Data Integration (Facebook/Instagram)

Our Services allow you to connect your Meta (Facebook and Instagram) accounts via the Meta Graph API. By connecting these accounts, you authorize ALTYAA.com to access and process "Platform Data" (as defined by Meta), including but not limited to Page ratings, reviews, recommendations, comments, messages, and media content. We process this data solely to provide you with social media management, reputation analysis, and engagement tools. We comply with Meta's Platform Terms and Developer Policies.

Platform Data accessed includes:

• Facebook Pages and Instagram Business accounts you manage
• Reviews, recommendations, and ratings
• Messages and comments (only with your explicit consent)
• Page insights and analytics

When using Page Insights, ALTYAA LLC and Meta act as joint data controllers. You can review Meta's Page Controller Addendum for more information about this arrangement.

4.3 TikTok

We integrate with TikTok's Business API to monitor and manage your TikTok business presence. We access business account information, comments, and mentions in accordance with TikTok's API Terms of Service.

User-Initiated Disconnection: You may disconnect your Meta account at any time through your ALTYAA dashboard settings or by removing ALTYAA from your "Apps and Websites" settings on Facebook. Upon disconnection, all Meta Platform Data will be automatically purged within 30 days.

8.1 Rights for European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restriction: Request that we limit how we use your data
• Right to Data Portability: Request your data in a machine-readable format
• Right to Object: Object to processing of your data for certain purposes
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data

8.2 Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request information about the categories and specific pieces of personal information we have collected, used, disclosed, and sold
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale or sharing of your personal information. Note: We do not sell your personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

We do not sell personal information as defined by the CCPA/CPRA. We do not share personal information for cross-context behavioral advertising.

• Through your ALTYAA dashboard: Navigate to Settings > Account > Delete Account
• By email: Contact us at privacy@altyaa.com with your deletion request
• Through our Data Deletion page: Visit /data-deletion for instructions and to submit a deletion request

Automatic Purge: Upon account termination or Meta disconnection, we will purge all associated Meta Platform Data from our active servers within 30 days, unless retention is required by law.

Email: privacy@altyaa.com