1. Introduction
Com AI Technologies Private Limited ("ComAI", "we", "us", or "our") operates the ComAI AI Commerce Operating System — a SaaS platform that helps eCommerce brands automate sales, support, WhatsApp commerce, voice calling, and analytics using artificial intelligence.
This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit https://comai.in, use our dashboard at https://comai.in, connect your online store, or interact with ComAI-powered agents on any channel.
By accessing or using ComAI, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of our services.
2. Information We Collect
2.1 Account & Business Information
- Name, email address, phone number, and password when you register
- Business name, GSTIN, billing address, and company details for invoicing
- Store connection credentials and platform identifiers (Shopify, WooCommerce, etc.)
- Team member names, roles, and access permissions within your organization
2.2 Customer & Conversation Data
- End-customer messages, order history, and product inquiries processed by AI agents
- Chat transcripts from web widgets, WhatsApp, and voice calling integrations
- Cart abandonment events, purchase intent signals, and conversion metadata
- Product catalog, pricing, inventory, and knowledge base content you upload
2.3 Technical & Usage Data
- IP address, browser type, device identifiers, and operating system
- Dashboard activity logs, API request metadata, and feature usage analytics
- Webhook delivery logs, integration health metrics, and error diagnostics
- Cookies, session tokens, and similar tracking technologies (see Cookie Policy)
3. AI Conversation Processing
ComAI uses large language models and proprietary AI pipelines to generate responses, qualify leads, recover abandoned carts, verify COD orders, and automate customer support on your behalf.
When a conversation is processed, relevant context — including product data, order status, customer message history, and your configured agent instructions — is transmitted to our AI infrastructure for inference. Responses are generated in real time and logged in your dashboard for review and audit.
We do not use your proprietary business data, customer conversations, or store content to train public foundation models without your explicit consent. AI processing is scoped to delivering the subscribed ComAI services for your account.
You remain the data controller for end-customer personal data processed through ComAI agents. We act as a data processor on your instructions and in accordance with applicable Indian data protection principles and your configured retention settings.
4. WhatsApp Integrations
When you connect WhatsApp Business API or Meta Cloud API through ComAI, we process WhatsApp phone numbers, message content, media attachments, delivery receipts, and template approval metadata necessary to operate your WhatsApp AI Agent.
WhatsApp data is transmitted through Meta's approved infrastructure and stored in ComAI's secure cloud environment in India or approved sub-processor regions. Message retention follows your plan settings and Meta's platform policies.
You are responsible for obtaining valid customer consent for WhatsApp communications and complying with Meta's Commerce and Business Messaging policies, TRAI regulations, and applicable telecom guidelines in India.
5. Calling Integrations
ComAI's AI Calling Agent initiates and receives voice calls through integrated telephony providers. We process phone numbers, call recordings (where enabled), call transcripts, IVR responses, and call outcome metadata.
Call recordings and transcripts are stored encrypted and accessible only to authorized users on your account. You must inform end-customers that calls may be recorded or processed by AI where required by law.
Outbound calling campaigns must comply with TRAI Do-Not-Disturb (DND) regulations, National Customer Preference Register (NCPR) requirements, and applicable telemarketing guidelines.
7. Data Retention
- Account data is retained for the duration of your subscription and up to 90 days after account closure, unless a longer period is required by law or you request earlier deletion.
- Conversation logs and AI interaction history are retained per your plan configuration, typically 12–24 months, after which data is archived or permanently deleted.
- Billing records, invoices, and tax documentation are retained for 8 years in compliance with Indian GST and Companies Act requirements.
- You may request export or deletion of your data by contacting support@comai.in. Deletion requests are subject to legal retention obligations.
8. Security Measures
ComAI implements industry-standard security controls including TLS 1.3 encryption in transit, AES-256 encryption at rest, role-based access control, multi-factor authentication, and comprehensive audit logging.
Our infrastructure is hosted on SOC 2-compliant cloud providers with regular vulnerability assessments, penetration testing, and incident response procedures.
See our Security page for detailed information about our security program.
10. Your Rights
- Access and receive a copy of personal data we hold about you
- Correct inaccurate or incomplete information
- Request deletion of data not subject to legal retention
- Withdraw consent for optional processing activities
- Lodge a complaint with the relevant data protection authority
11. Contact Us
For privacy-related inquiries, data subject requests, or security concerns, contact our Data Protection Officer:
Com AI Technologies Private Limited Email: support@comai.in Phone: +91 6283075131 Address: WeWork, Gurgaon, Haryana, India