Privacy Policy

Last updated: 30 May 2026

Sahel (سهل) is a multi-tenant WhatsApp AI assistant operated by the platform owner ("we", "us"). This policy explains what data we process, why, and how long we keep it. By using Sahel — either as a subscribing business ("Tenant") or as a person messaging a Tenant’s WhatsApp number ("End user") — you agree to the processing described below.

1. What we collect

  • WhatsApp message content sent by an End user to a Tenant’s WhatsApp Business number, plus replies generated by the AI assistant.
  • Sender phone number and WhatsApp profile name, as provided by the WhatsApp Cloud API.
  • Knowledge documents uploaded by Tenants (FAQs, product catalogues, policies) used to ground the AI’s replies.
  • Tenant administrator account information — email, name, hashed password — for dashboard authentication.
  • Operational metadata — message timestamps, conversation counts, token usage — for billing, debugging, and abuse prevention.

2. Why we process it

  • To deliver the messaging assistant requested by the Tenant.
  • To ground AI replies in the Tenant’s uploaded knowledge.
  • To show the Tenant their conversation history in the dashboard.
  • To meter usage for billing and quota enforcement.
  • To protect against abuse, fraud, and rate-limit violations.

3. Sub-processors

To operate the service, we share data with the following sub-processors, each governed by their own privacy terms:

  • Meta (WhatsApp Cloud API) — message routing.
  • Google (Gemini API) — AI reply generation and embeddings.
  • Neon — managed Postgres database hosting.
  • Upstash — managed Redis for job queue.
  • Railway — backend application hosting.
  • Vercel — dashboard application hosting.

4. Tenant isolation

Sahel is multi-tenant. Every database query is scoped to a single Tenant ID at the application layer, and the access-control model in the dashboard ensures one Tenant can never view another Tenant’s conversations, documents, or settings.

5. Retention

Conversations and end-user profiles are retained for as long as the Tenant account is active. When a Tenant deletes their tenant in the dashboard, all associated conversations, end-user records, and knowledge documents are deleted within 30 days.

6. Your rights

If you are an End user who messaged a Tenant’s number and you want your messages deleted, contact the Tenant directly — they control their own data. If you cannot reach the Tenant, write to us at the email below and we will process the deletion within 30 days.

7. Security

All traffic is encrypted in transit (TLS). Database and Redis connections use TLS. Tenant administrator passwords are hashed with bcrypt before storage. Webhook payloads from Meta are HMAC-verified before processing.

8. Changes to this policy

We may update this policy as the service evolves. Material changes will be communicated via the dashboard.

9. Contact

Questions about this policy or data deletion requests: contact the platform owner via the support channel listed in your dashboard.