Heoxify
Privacy Policy
1. Scope
Heoxify is a product and brand operated by Heoxa Teknoloji.
This Privacy Policy describes how Heoxa Teknoloji (“we”, “us”) collects, uses, stores, and shares information when you use the Heoxify service: AI-assisted handling of incoming Instagram DMs and website chat, lead capture, and related dashboard features.
2. What we collect
| Category | Examples |
|---|---|
| Account & workspace | Email, password hash, organization/workspace name, role, settings you save in the product. |
| Channel & conversation data | Content and metadata from Instagram/web chat you connect (e.g., message text, sender identifiers as provided by the platform, timestamps) to show inbox threads, generate AI-assisted replies you enable, and build lead records you view in the dashboard. |
| Technical & security | IP address, device/browser data, logs for reliability and abuse prevention, cookies or similar technologies where we operate a web session. |
| Billing (paid plans) | Handled primarily by our Merchant of Record (payment status, receipt email, tax details as required when you pay). We store subscription state needed to provision your workspace. |
3. How we use information
- Provide, secure, and improve the Service;
- Authenticate users and enforce plan limits (e.g., conversation credits);
- When you enable AI features, process conversation text with our AI subprocessors to produce suggestions or sends according to your rules;
- Comply with law, respond to valid legal requests, and protect rights and safety;
- Communicate about the Service, billing, and important policy changes.
4. Legal bases (EEA/UK style summary)
Where GDPR-style rules apply, we rely on contract (providing Heoxify), legitimate interests (security, product improvement balanced against your rights), and, where required, consent (e.g., certain cookies or optional communications). You may withdraw consent where processing is consent-based.
5. Sharing
We share data with:
- Infrastructure and AI providers that host or process data under contract and security commitments;
- Merchant of Record for payments as described when you subscribe;
- Meta Platforms when you connect Instagram—according to your authorization and Meta’s terms;
- Authorities when required by law or to protect Heoxify and users.
We do not sell personal information in the “sale for money” sense common to U.S. state privacy laws.
6. Retention
We keep account and conversation data as long as your workspace is active and for a reasonable period afterward for backups, disputes, and legal obligations. You may request deletion subject to law and legitimate retention needs; some billing records may be kept longer for tax and compliance.
7. Security
We implement technical and organizational measures appropriate to the risk (access controls, encryption in transit where standard, monitoring). No method of transmission over the Internet is 100% secure.
8. International transfers
We may process data in Türkiye, the EU/EEA, the United States, or other regions where providers operate. Where required, we use appropriate safeguards (e.g., standard contractual clauses).
9. Your rights
Depending on your location, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing. Contact us to exercise rights; you may also lodge a complaint with your supervisory authority.
10. Children
The Service is for business use and is not directed at children. We do not knowingly collect personal information from children.
11. Changes
We may update this Policy. We will post the new version here and update the date above.
12. Contact
Privacy questions: info@heoxa.com
Heoxa Teknoloji — Istanbul, Türkiye · Product: heoxify.com