1. Introduction
Guiderbus (“Guiderbus,” “we,” “us,” or “our”) is a business automation agency that designs, builds, and operates AI-powered automations for our clients, including chatbots and messaging automations on the WhatsApp Business Platform. We are committed to protecting your privacy and handling personal data responsibly and in accordance with applicable data protection laws.
This Policy applies to information we process as a controller (for example, visitors to our website and prospective clients) and describes our role as a processor when we handle end-customer data on behalf of our clients under a separate services agreement.
2. Information We Collect
We collect the following categories of information:
Information you provide to us. When you contact us, request a consultation, join the platform waitlist, or engage our services, we may collect your name, business name, email address, phone number, service interests, budget or timeline preferences, and the contents of your messages.
Automatically collected information. When you visit our website, we may collect technical data such as your browser type, device information, pages viewed, and the date and time of your visit. We use privacy-friendly analytics to understand website usage in aggregate.
Messaging and WhatsApp data. When you interact with a WhatsApp or chatbot automation we operate, we may process your phone number, WhatsApp profile name, message content, and message metadata (such as timestamps and delivery status) in order to deliver the requested service. This data is processed on behalf of, and under the instructions of, the relevant business client.
Client and project data. To build and operate automations, we may access systems and data our clients authorize, such as CRM records, support tickets, and business documents.
3. How We Use Your Information
We use the information we collect to:
- Respond to enquiries and provide consultations.
- Design, build, deliver, operate, and support our services.
- Send and receive messages through the WhatsApp Business Platform and other channels you or our clients have configured.
- Operate, maintain, secure, and improve our website and services.
- Communicate with you about projects, updates, and administrative matters.
- Comply with legal obligations and enforce our agreements.
We do not sell your personal information, and we do not use the content of end-customer messages for advertising.
4. Legal Bases for Processing
Where the EU/UK General Data Protection Regulation applies, we process personal data on the following legal bases: performance of a contract, our legitimate interests (such as operating and improving our services), compliance with legal obligations, and your consent where required. You may withdraw consent at any time where processing is based on consent.
5. Third-Party Services
We rely on trusted third parties to provide our services. These providers process data on our behalf or as independent controllers under their own terms:
- Meta Platforms, Inc. (WhatsApp Business Platform). We use the official WhatsApp Business API to send and receive messages. Your use of WhatsApp is also governed by Meta's terms and privacy policy. See WhatsApp's Privacy Policy.
- AI and language model providers. We may send message content to AI service providers to generate responses, under agreements that restrict their use of that data.
- Hosting and infrastructure providers. Used to host our website and run automations securely.
- Resend. Used to deliver consultation and waitlist form submissions to our business inbox.
- Cloudflare Turnstile. Used to protect forms from spam and abuse.
- Plausible Analytics. Used to understand website usage in aggregate without Google Analytics.
- CRM and integration platforms. Used, where a client directs, to connect and synchronize business systems.
6. Data Sharing and Disclosure
We do not sell personal data. We may share information: with the service providers described above; with the business client on whose behalf we operate an automation; where required by law, regulation, or legal process; to protect the rights, safety, and property of Guiderbus, our clients, or others; and in connection with a merger, acquisition, or sale of assets, subject to appropriate safeguards.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, including to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods for end-customer messaging data are defined together with our clients. When data is no longer needed, we delete or anonymize it.
8. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit, access controls, and the principle of least privilege. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
9. International Data Transfers
We and our service providers may process data in countries other than your own. Where we transfer personal data internationally, we rely on appropriate safeguards, such as Standard Contractual Clauses, to ensure your data receives an adequate level of protection.
10. Your Rights
Depending on your location, you may have the right to access, correct, update, or delete your personal data; to object to or restrict certain processing; to data portability; and to withdraw consent. If you are in the European Economic Area or United Kingdom, you have rights under the GDPR. If you are a California resident, you have rights under the CCPA/ CPRA, including the right to know, delete, and opt out of the “sale” or “sharing” of personal information (we do not sell or share personal information as those terms are defined).
To exercise your rights, contact us at contact@guiderbus.com. If our processing of your data is carried out on behalf of a business client, we will refer your request to that client and assist them in responding. You also have the right to lodge a complaint with a supervisory authority.
11. Children's Privacy
Our website and services are intended for businesses and are not directed to children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
12. Cookies and Analytics
Our website may use necessary technologies to operate the site, protect forms from abuse, and understand usage in aggregate. We do not use Google Analytics for the current website launch. If optional analytics or similar technologies are introduced later, we will update this Policy as needed.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above. Material changes will be communicated through our website. We encourage you to review this Policy periodically.
14. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
- Email: contact@guiderbus.com
- Website: guiderbus.com