Legal

Privacy Policy

Last updated: March 2026

1. Introduction

The Green Point (“we”, “our”, “us”) provides a WhatsApp-based appointment booking chatbot as a service to businesses (“you”, “Business Client”). This Privacy Policy explains how we collect, use, store, and protect data in the course of providing our service to you, including data relating to your business and the customers who book through the chatbot we set up for you.

2. Information We Collect

From Business Clients (you):

  • Business details — business name, service offerings, staff names, operating hours, and pricing as needed to configure your chatbot.
  • WhatsApp Business number — the number we connect to the chatbot on your behalf.
  • Google Calendar credentials — OAuth tokens used to sync appointments to your calendar.
  • Contact information — your phone number and email for account and notification purposes.

From your customers (via the chatbot):

  • WhatsApp phone number — used to identify the customer and deliver booking messages.
  • Name — if provided during the booking flow.
  • Booking details — service type, preferred date, time, and staff member selected.
  • Message content — messages exchanged with the chatbot, used solely for delivering the booking service.

3. How We Use Information

We use the information we collect to:

  • Set up, configure, and operate your WhatsApp booking chatbot.
  • Process, confirm, and manage bookings on your behalf.
  • Send booking confirmations, reminders, and status updates to your customers via WhatsApp.
  • Sync confirmed appointments to your Google Calendar.
  • Send you booking notifications with approve/deny options.
  • Maintain and improve the quality and reliability of the service.

4. Data Sharing & Third Parties

We do not sell, rent, or distribute any business or customer data to third parties for marketing or advertising purposes. Customer booking data is shared only with the specific Business Client the customer is booking with.

We rely on the following third-party services to operate the platform:

  • Meta (WhatsApp Business API) — for sending and receiving messages on your WhatsApp number.
  • Google Calendar API — for syncing appointments to your calendar.
  • Supabase — for secure database storage.
  • Railway — for hosting the chatbot application.

5. Data Security

We take data security seriously. All sensitive credentials, including Google Calendar OAuth tokens, are encrypted at rest using industry-standard encryption (AES-256). All communications between our systems and third-party services are conducted over HTTPS. We follow established security best practices to protect against unauthorised access, alteration, or disclosure.

6. Data Retention

We retain your business configuration data and customer booking data for the duration of your service agreement with us. Upon termination, we will retain data for a reasonable period for record-keeping and then securely delete it. You may request the deletion of your data at any time by contacting us.

7. Your Responsibilities

As a Business Client, you are responsible for complying with all applicable data protection laws — including the Protection of Personal Information Act (POPIA) — regarding the customer data you receive through the chatbot. You must not use customer contact information obtained through the service for unsolicited marketing without the customer's explicit consent.

8. Your Rights

In accordance with POPIA, you have the right to:

  • Access the data we hold relating to your business.
  • Request the correction of any inaccurate or incomplete information.
  • Request the deletion of your data upon termination of the service.
  • Object to the processing of your data.
  • Lodge a complaint with the Information Regulator if you believe your rights have been infringed.

9. Contact Us

If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us:

Email: aseel.k.suliman@gmail.com

Phone: 084 636 6551