Security & Privacy
ViViDlyPro is built with security and privacy as foundational requirements, not afterthoughts.
Data Encryption
- In transit: All data between your browser, our servers, and Meta's API uses TLS 1.3.
- At rest: All data stored in Google Cloud Firestore is encrypted using AES-256.
- API keys: Stored using one-way hashing — even our team cannot see your key after generation.
Access Controls
- Your data is isolated at the account level using Firestore security rules.
- No ViViDlyPro employee can read your conversation data without your explicit request to support.
- Team member role-based access prevents agents from seeing billing information or changing bot settings.
Data Retention
- Active accounts: Conversation data retained for 12 months rolling by default.
- Cancelled accounts: All data deleted after 30 days post-cancellation.
- On-request deletion: You can request immediate deletion at any time by contacting support.
Legal Compliance
- India: Compliant with the IT Act 2000, IT (RSPR) Rules 2011, and the Digital Personal Data Protection Act 2023.
- GDPR: European customer data is handled in compliance with GDPR requirements.
- Meta Platform Terms: Our WhatsApp and Instagram integration adheres to Meta's Platform Terms and Data Policy.
What Data We Store
We store:
- Your account information (name, email, business name)
- Your Knowledge Base content
- Conversation logs (messages + metadata)
- Analytics aggregates
We do NOT store:
- Payment card details (handled directly by Razorpay)
- Meta account passwords
- Your customers' personal data beyond what they share in messages
Reporting Security Issues
If you discover a potential security vulnerability, please email vividlyapp.in@gmail.com immediately. We take all reports seriously and respond within 24 hours.