Privacy & Data Protection

Privacy Policy

Last updated: October 7, 2025

Quick Navigation
1. Introduction2. Data We Collect3. How We Use Data4. Data Sharing5. Data Security6. Your Rights (GDPR)7. Data Retention8. Cookies9. Contact Us
1. Introduction

XIFY ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our booking automation platform with Telegram bot integrations.

2. Information We Collect

Personal Information

We collect information you provide directly:

  • Name and contact information (email, phone)
  • Business information (business name, type of service)
  • Payment information (processed securely through Stripe - we don't store card details)
  • Customer booking data you input into the system
  • Telegram user IDs and bot interaction data

Automatically Collected Information

When you use our services:

  • Log data (IP address, browser type, access times)
  • Device information
  • Usage data and analytics
  • Cookies and tracking technologies
3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our booking automation services
  • Process Telegram bot interactions and booking workflows
  • Process transactions and send related information
  • Send technical notices and support messages
  • Respond to your comments and questions
  • Monitor and analyze trends, usage, and activities
  • Detect, prevent, and address technical issues and fraud
  • Comply with legal obligations and UK GDPR
4. Data Sharing & Disclosure

We may share your information with:

Service Providers

Stripe (payments), Supabase (hosting), Telegram (bot communications)

Legal Requirements

If required by law or in response to valid requests by public authorities

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures to protect your data:

  • AES-256 encryption for data at rest
  • TLS/SSL encryption for data in transit
  • Regular security audits and penetration testing
  • Multi-factor authentication and access controls
  • Regular backups and disaster recovery procedures
  • Supabase Row-Level Security (RLS) for multi-tenant data isolation
6. Your Rights (UK GDPR)

Under UK GDPR, you have the following rights:

Access

Request access to your personal data

Correction

Request correction of inaccurate data

Deletion

Request deletion of your data

Portability

Request transfer of your data

Objection

Object to processing of your data

Restriction

Request restriction of processing

To exercise these rights, contact us at privacy@xify.dev

7. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal purposes.

8. Cookies & Tracking

We use cookies and similar tracking technologies to track activity on our service. You can instruct your browser to refuse all cookies or indicate when a cookie is being sent. However, some features may not function properly without cookies.

9. Contact Us

Privacy Inquiries

privacy@xify.dev

General Support

support@xify.dev

By using XIFY, you acknowledge that you have read and understand this Privacy Policy.