Privacy Policy

Ounsia is an autonomous WhatsApp concierge for accommodation hosts. This policy covers personal data processed when (a) a host uses the dashboard, and (b) a guest interacts with a host's bot over WhatsApp. The data controller for both is TO BE PROVIDED: registered company name.

For guest data processed in the course of serving a specific host's guests, the host and Ounsia may act as joint or independent controllers depending on the activity; the host is responsible for the lawful basis to use the bot with their guests and to share provider contact details (see the Host Agreement).

From hosts

• Account data: full name, email address, WhatsApp/phone number, hashed password, interface language, verification status.
• Property data: addresses, Wi-Fi and access details, house rules, FAQs, and media you upload (stored via our media processor).
• Service data: the third-party providers you add, including their names and contact details (such as a provider's phone or WhatsApp number) that you choose to enter.
• Billing data: billing profile (legal name, tax id, address), top-up requests, bank-transfer proof you submit, token balance, and invoices.
• Usage data: dashboard activity, settings, audit logs of sensitive actions.

From guests (over WhatsApp)

• The guest's WhatsApp/phone number and profile name as provided by WhatsApp.
• Message content: text messages, voice notes (transcribed to text), and photos (analysed by vision AI), plus any location, pickup, or service-request details the guest provides.
• The detected language of the guest and the conversation session state.

Collected automatically

• Technical data such as IP address, device/browser information, and timestamps, used for security, rate-limiting, and abuse detection.
• Product analytics events (see the Cookie & Tracking Notice).

We process personal data to provide and secure the service: to operate host accounts, to let the bot answer guests from the host's data, to relay and translate requests to local services, to bill hosts, to prevent abuse and fraud, and to comply with law.

• Performance of a contract — to provide the dashboard and bot to hosts, and to relay guest requests they initiate.
• Legitimate interests — to secure the service, prevent abuse, debug, and improve reliability, balanced against your rights.
• Consent — where required, for example certain analytics and the guest's choice to continue with the bot or to be connected to a third party.
• Legal obligation — for invoicing, tax, and responding to lawful requests.

Guest messages are processed by AI to understand intent, transcribe voice notes, analyse photos, translate between languages, classify requests, and detect abuse. We use third-party AI providers as sub-processors for this (see below). A smart-routing layer chooses an AI model per task.

The bot answers from the host's verified data; AI processing can nonetheless produce errors and should not be relied on for decisions requiring professional, legal, medical, or emergency judgment. We do not use guest message content to train third-party foundation models, and we instruct our AI sub-processors not to train on it where their terms allow such instruction. TO BE PROVIDED: confirm AI sub-processor training/retention terms

When a guest asks to be connected to a local service, Ounsia relays and translates the request to the relevant third-party provider on the host's behalf. This necessarily shares the substance of the request (and, as needed, a pickup location or order detail) with that provider. Ounsia acts as an intermediary; the provider is independent and the host is responsible for providers they added.

We do not sell personal data. We share it only with the sub-processors listed below, with a relayed third-party provider as described, with the host whose guest is being served, and where required by law or to protect rights and safety.

We rely on the following service providers to operate Ounsia. They process personal data on our behalf under data-processing terms, only as needed to provide their function:

• Neon — managed PostgreSQL database hosting (account, property, conversation, and billing data).
• Vercel — application hosting and content delivery.
• Meta Platforms (WhatsApp Cloud API) — delivery of WhatsApp messages to and from guests.
• Anthropic — AI processing (understanding, translation, classification).
• OpenAI — AI processing, voice transcription, and text embeddings.
• Cloudinary — storage and delivery of media (property photos, uploaded files).
• Resend — transactional email (verification, password reset, notifications).
• Upstash — caching, rate-limiting, and message queueing.
• Inngest — background job processing (notifications, scheduled tasks).
• PostHog — product analytics and error tracking.
• Twilio — SMS one-time codes, used only as a fallback when WhatsApp delivery fails. TO BE PROVIDED: confirm whether Twilio SMS fallback is enabled

The current, definitive list of sub-processors and their locations is maintained at TO BE PROVIDED: sub-processor list URL or contact.

Some sub-processors are located outside Morocco and outside the European Economic Area. Where personal data is transferred internationally, we rely on appropriate safeguards (such as standard contractual clauses or an adequacy decision) and on the sub-processors' own compliance commitments. TO BE PROVIDED: transfer mechanism details

We keep personal data only as long as needed for the purposes above or as required by law, then delete or anonymise it. Indicative periods (to be confirmed by counsel):

• Host account and billing records: TO BE PROVIDED: host account / billing retention period.
• Guest messages, transcriptions, and media: TO BE PROVIDED: guest message / media retention period.
• Conversation sessions and bot status: TO BE PROVIDED: conversation session retention period.
• Security and audit logs: TO BE PROVIDED: security/audit log retention period.

Subject to applicable law, you have the right to access your personal data, to rectify inaccurate data, to request erasure, to restrict or object to certain processing, to data portability, and to withdraw consent where processing is based on consent. Withdrawing consent does not affect prior lawful processing.

Hosts can manage much of their data directly in the dashboard. Guests, and hosts for other requests, can contact us at TO BE PROVIDED: operator contact email (legal/privacy). We will verify identity before acting and respond within the period required by applicable law.

Where Moroccan Law No. 09-08 on the protection of individuals with regard to the processing of personal data applies, Ounsia processes personal data in accordance with that law and with the requirements of the Commission Nationale de contrôle de la protection des Données à caractère Personnel (CNDP), including any declaration or authorisation obligations.

Our CNDP declaration/authorisation reference is TO BE PROVIDED: Morocco Law 09-08 / CNDP declaration or authorisation number. Data subjects in Morocco may exercise their rights as described above and may also contact the CNDP.

Where the EU General Data Protection Regulation applies (for example, a guest in the EU), the rights and legal bases described in this policy apply as GDPR rights, and you may lodge a complaint with your local supervisory authority. The legal bases relied on are those set out in Section 3.

If an EU representative under Article 27 GDPR is appointed, their details are: TO BE PROVIDED: EU representative under GDPR Art. 27, if appointed.

We use technical and organisational measures appropriate to the risk, including encryption in transit, hashed credentials, encryption of certain sensitive fields, access controls, rate-limiting, and abuse detection. No system is perfectly secure; we cannot guarantee absolute security but we work to protect your data and to notify you of incidents as required by law.

The host dashboard is not intended for anyone under 18. The bot serves guests of a host's accommodation and is not directed at children. If you believe a child's data has been provided to us inappropriately, contact us so we can address it.

We may update this policy. Material changes will be communicated through the dashboard or by email. The effective date of the current version is TO BE PROVIDED: effective date.

For privacy questions or to exercise your rights, contact TO BE PROVIDED: operator contact email (legal/privacy). Our Data Protection Officer (where appointed) can be reached at TO BE PROVIDED: Data Protection Officer (DPO) contact. The controller is TO BE PROVIDED: registered company name, TO BE PROVIDED: registered address.