Privacy Policy

Last updated: June 25, 2026


1. Introduction

ChatX Cloud ("we", "our", or "us") is a customer relationship management (CRM) and chatbot platform for service and consulting businesses. Businesses connect their Facebook Page and linked Instagram professional account to manage customer conversations from Facebook Messenger and Instagram Direct in a shared inbox, with AI-assisted replies. This Privacy Policy explains what information we access through Meta's platforms, how we use and share it, and how it can be deleted.

2. Facebook Login & Account Connection

Business users sign in with Facebook to connect their Page and Instagram account. During this process we access:

  • Basic profile (public_profile) — the signing-in user's name, used only to authenticate them and show who is connecting an account. We do not store it beyond session identification.
  • Business & Pages list (business_management, pages_show_list) — the list of Facebook Pages and Business Portfolios the user manages, so they can choose which Page to connect. We store only the identifier and name of the Page that is actually connected.
  • Page metadata & identity (pages_read_engagement, pages_manage_metadata) — the connected Page's basic info, and webhook subscriptions so messages are delivered to our platform in real time.
  • Instagram account info (instagram_basic) — the id and username of the Instagram professional account linked to the connected Page, to identify and display it in our app.
3. Customer Conversation Data

When an end customer messages a connected Page on Messenger (pages_messaging) or via Instagram Direct (instagram_manage_messages), we receive and store:

  • Display name & profile picture — the customer's public name and avatar on Facebook / Instagram, shown in the inbox.
  • Scoped user ID — a unique identifier assigned by Meta for each customer–Page/account pair (PSID / IGSID).
  • Message content — text, images, and files exchanged with the Page/account.
  • Message timestamps — the date and time each message was sent.
4. How We Use Your Information

The information accessed is used solely to:

  • Authenticate the business user and connect their Facebook Page and Instagram account.
  • Receive customer messages from Messenger and Instagram Direct and display conversations in our shared inbox.
  • Send replies on behalf of the business — both AI auto-replies and human-agent replies — within the standard messaging window.
  • Send Meta-approved utility message templates (pages_utility_messaging) for transactional updates — such as order/appointment status changes and reminders — outside the 24-hour window. These are non-promotional and never used for marketing.
  • Capture leads and track customer interactions for the business to follow up.

We do not use this data for advertising, profiling, or any purpose beyond enabling the business to communicate with its own customers.

5. Data Sharing

We do not sell, rent, or share personal data with third parties, except:

  • Meta (Facebook & Instagram) — as required to operate within the Messenger and Instagram messaging platforms under Meta's Platform Terms.
  • AI service providers — message content may be sent to OpenAI or Anthropic APIs solely to generate automated replies; these providers process data under their own privacy policies and do not use it to train their models.
6. Data Retention

Conversation and connection data is retained for as long as the business account is active. When a Page or Instagram account is disconnected, or the account is closed, the associated data is removed. We retain data no longer than necessary for the purposes described above.

7. Data Deletion

Businesses and their customers may request deletion of their data at any time by emailing us at the address below with the relevant Page/Instagram account or customer identifier. We will delete all associated messages, profile information, and identifiers within 30 days of a verified request. Disconnecting a Page or Instagram account in the app also removes the data linked to that connection.

8. Data Security

All data is stored in encrypted databases. Access is restricted to authorized personnel only. We use industry-standard security measures, including HTTPS encryption for all data in transit.

9. Your Rights

You have the right to access, correct, or request deletion of your personal data. To exercise these rights, please contact us using the information below.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

ChatX Cloud

Email: support@softx.asia

Website: https://app.chatx.cloud