Privacy Policy

1. Introduction

This Privacy Policy explains how AI-Sensile (“AI-Sensile,” “we,” “us,” or “our”) collects, uses, shares, and protects personal data in connection with our services. AI-Sensile builds AI systems for sales, marketing, and content operations — including our AI-Powered CRM, Growth Engine, and AI Media Products — and operates Sendwise, a WhatsApp Business API platform for managing conversations at scale.

This policy applies to:

• The marketing website at aisensile.com and its subpages (the “Site”);
• The Sendwise platform at app.aisensile.com (the “Platform”); and
• Implementation, consulting, and partnership engagements delivered by AI-Sensile.

Where a section applies only to the Site or only to the Platform, we say so explicitly.

2. Who We Are

AI-Sensile operates from Istanbul and London and serves customers globally. For privacy questions, requests, or complaints, please contact us at hello@aisensile.com. The registered legal entity, registered address, and Data Protection Officer (where appointed) will be listed here once finalized.

3. Information We Collect

3.1 Information you provide

• Inquiries and contact requests. When you submit the contact form on the Site, we collect your full name, email address, the engagement model you are interested in, and the content of your message.
• Account registration (Platform). When you create a Sendwise account, we collect your name, email address, a password (stored hashed), and any profile or organization details you choose to provide.
• Billing data (Platform). Subscription payments are processed by Stripe. We do not receive or store full payment card numbers; we receive transaction metadata (e.g., plan, amount, status, last four digits) needed to operate your subscription.
• WhatsApp connection data (Platform). To connect a WhatsApp number, you authenticate via WhatsApp’s multi-device protocol; we store the resulting session credentials so the connection can persist.
• Conversation content (Platform). The Platform processes WhatsApp messages, attachments, contact identifiers (phone numbers, display names, group IDs), webhook events, and related metadata that flow through the numbers you connect.
• Support correspondence. If you contact us by email or via in-product channels, we keep a record of that correspondence.

3.2 Information collected automatically

• Server logs. Our servers log standard request metadata (IP address, user agent, timestamp, requested URL, response status) for security, debugging, and abuse prevention.
• Service telemetry (Platform). We log API requests, throughput, latency, and error rates for the Platform so we can operate and improve it.
• Cookies and similar technologies. See Section 9 below.

3.3 Information from third parties

We may receive limited information from service providers we use (for example, payment confirmations from Stripe or delivery statuses from email providers) so we can operate your account and the services you request.

4. How We Use Your Information

We use personal data to:

• Provide, operate, and maintain the Site and the Platform;
• Respond to inquiries, schedule meetings, and deliver the consulting, implementation, and partnership engagements you request;
• Authenticate users, secure accounts, and prevent fraud or abuse;
• Process payments, manage subscriptions, and issue invoices and receipts (Platform);
• Send transactional and service communications (e.g., account notices, billing notices, security alerts);
• Generate aggregated, de-identified analytics to monitor service health and improve our offerings;
• Comply with legal obligations and enforce our terms of service.

We do not sell personal data, and we do not use your conversation content on the Platform to train general-purpose models without your explicit consent.

5. Legal Bases for Processing

Where the EU/UK General Data Protection Regulation (“GDPR”) or analogous laws (such as Turkey’s KVKK) apply, we rely on the following legal bases:

• Contract. To provide services you have requested or to take steps before entering into a contract (e.g., responding to a sales inquiry).
• Legitimate interests. To secure our services, prevent abuse, operate basic analytics, and communicate with you about your account — balanced against your rights and expectations.
• Consent. Where we ask for it (e.g., for non-essential cookies if introduced, or for optional communications).
• Legal obligation. To meet tax, accounting, and other regulatory requirements.

6. Sharing & Disclosure

We share personal data only with the parties listed below, and only to the extent needed for them to perform their function:

• Hosting and infrastructure. Cloud and CDN providers that host the Site and the Platform.
• Payment processing (Platform). Stripe processes subscription payments and is an independent controller for the payment information it collects directly.
• Email delivery (Platform). Transactional emails are sent via SMTP through our email provider.
• Messaging infrastructure (Platform). WhatsApp / Meta operates the underlying messaging network for any number you connect to Sendwise; their handling of message content is governed by their own terms and privacy policies.
• AI model providers. Where AI features are enabled, prompts and the relevant context may be sent to model providers such as OpenAI to generate a response. ElevenLabs may be used to generate speech where voice features are enabled.
• Professional advisors. Lawyers, accountants, and auditors, where engagement requires it.
• Authorities. Where we are legally required to disclose information, or where disclosure is necessary to protect our rights, users, or the public.
• Corporate transactions. In connection with a merger, acquisition, financing, or sale of assets, in which case this Policy will continue to apply or you will be notified of any change.

A current list of subprocessors is available on request from hello@aisensile.com.

7. International Data Transfers

We operate from Istanbul and London and use service providers that may be located outside your country of residence, including in the European Economic Area, the United Kingdom, the United States, and Türkiye. Where personal data is transferred across borders, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, adequacy decisions, or equivalent mechanisms recognized under applicable law.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy:

• Inquiry data from the Site contact form is kept for as long as needed to respond to and follow up on your request, then archived or deleted.
• Account data on the Platform is kept for the life of your account and for a reasonable period afterwards to resolve disputes, comply with legal obligations, and enforce agreements.
• Conversation content processed through Sendwise is retained according to the configuration of your workspace and applicable retention settings; you can request export or deletion at any time.
• Billing records are retained for the period required by tax and accounting law in the relevant jurisdiction.
• Server and security logs are typically retained for a limited rolling window for security and operational purposes.

9. Cookies & Similar Technologies

The marketing Site does not currently use analytics or advertising cookies. The Platform uses strictly necessary cookies and similar technologies to authenticate users, maintain sessions, and protect against abuse. If we introduce non-essential cookies (for example, for product analytics), we will update this Policy and, where required by law, request your consent before setting them.

Most browsers allow you to control cookies through their settings. Disabling strictly necessary cookies may make parts of the Platform unusable.

10. Security

We use technical and organizational measures designed to protect personal data, including encryption in transit (TLS), access controls, hashed credentials, isolated session storage per workspace on the Platform, network firewalling, and routine software updates. No system is perfectly secure, and we cannot guarantee absolute security; if we become aware of a breach affecting your personal data, we will notify you and the relevant authorities as required by law.

11. Your Rights

Depending on where you live, you may have the following rights in relation to your personal data:

• Access a copy of the personal data we hold about you;
• Request correction of inaccurate or incomplete data;
• Request deletion of personal data, subject to legal exceptions;
• Restrict or object to certain processing;
• Request portability of data you provided to us;
• Withdraw consent at any time, where processing is based on consent, without affecting the lawfulness of prior processing;
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, email hello@aisensile.com. We may need to verify your identity before fulfilling your request, and we will respond within the timeframes required by applicable law.

Note for end-users of Sendwise customers. If you are a person whose WhatsApp message has been processed by a business that uses Sendwise, that business is the controller of your personal data; please direct your request to them. We will support our customers in responding to such requests.

12. Children’s Privacy

Our services are intended for businesses and professionals and are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

13. Changes to This Policy

We may update this Policy from time to time. The “Last updated” date at the top of the page shows when it was last revised. If we make material changes, we will provide additional notice (for example, by email or through a prominent notice on the Site or the Platform).

14. Contact Us

If you have any questions, requests, or concerns about this Policy or about how we handle personal data, please contact us:

• Email: hello@aisensile.com
• Locations: Istanbul · London · Global
• Or via the contact page on this Site.