Privacy Policy
Terakhir diperbarui: 30 Juni 2026
This Privacy Policy describes how NextiveAI ("NextiveAI", "we", "us", or "our"), a product operated by PT Nextive Harapan Gemilang, collects, uses, stores, shares, and protects information in connection with the NextiveAI platform available at https://app.nextiveai.com and related services (the "Service").
NextiveAI is a customer-communication and CRM platform that helps businesses manage conversations across messaging channels — including WhatsApp, Instagram, and Facebook Messenger — with features such as a shared team inbox, contact management, broadcast messaging, automated replies, and AI-assisted responses.
By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
1. Who this policy applies to
• Customers / Account holders — businesses and their team members who register for and use the NextiveAI dashboard.
• End users / Contacts — people who message a Customer's connected business account (e.g., someone who sends a WhatsApp or Instagram message to a business using NextiveAI). We process their data on behalf of the Customer.
2. Information we collect
2.1 Information you provide to us
• Account data: name, email address, phone number, password (stored hashed), business/company details.
• Billing data (for paid plans): plan, transaction records. Payments are processed by third-party payment gateways; we do not store full card numbers.
• Content you create: contacts, labels, notes, templates, broadcast campaigns, automation/chatbot configuration.
2.2 Information from connected messaging platforms (Meta Platforms)
When you connect a WhatsApp, Instagram, or Facebook Messenger account via Meta's authorized login/OAuth flow, we receive and process — strictly to provide the Service — information such as:
• Account/page identifiers, account name, username, and profile picture.
• Access tokens needed to send and receive messages on your behalf (stored encrypted at rest).
• Messages and message metadata (sender/recipient identifiers, timestamps, message IDs, text, and attachments) that are sent to or from your connected account.
• Sender profile information (e.g., name and profile picture) for people who message your business, used to display the conversation in your inbox.
We access this data only with your authorization and only to operate the features you enable. Our use of information received from Meta Platforms (Instagram, Messenger, WhatsApp) complies with the Meta Platform Terms and Developer Policies.
2.3 Information we collect automatically
• Usage and log data: IP address, device/browser type, pages visited, actions taken, timestamps.
• Cookies and similar technologies used for authentication, session management, and security.
3. How we use information
We use information to:
• Provide, operate, and maintain the Service, including sending and receiving messages on your connected accounts.
• Display conversations, contacts, and analytics in your dashboard.
• Provide automation and AI-assisted replies that you configure and enable.
• Process payments and manage subscriptions.
• Secure the Service, prevent abuse and fraud, and debug issues.
• Communicate with you about your account, security, and Service updates.
• Comply with legal obligations.
We do not sell personal information. We do not use messaging content received from Meta Platforms for advertising, nor for any purpose other than providing the Service you requested.
4. AI features
Some features use AI models to generate suggested or automated replies based on the conversation context and the configuration you set. Content processed by AI features is used only to generate the response for that conversation and to operate the feature you enabled. Where third-party AI providers are used, data is shared only as necessary to deliver the feature.
5. How we share information
We share information only as needed to run the Service:
• Messaging platforms (Meta): to deliver messages and operate connected accounts, via Meta's official APIs.
• Service providers (sub-processors): hosting, database, cloud infrastructure, email delivery, payment gateways, and AI providers — bound to process data only on our instructions.
• Legal and safety: when required by law, or to protect the rights, safety, and security of NextiveAI, our Customers, or others.
• Business transfers: in connection with a merger, acquisition, or sale of assets, subject to this Policy.
For Customers using NextiveAI under a self-hosted (source-code) license, the Customer is the operator and data controller of their own deployment, and this Policy describes the practices of the NextiveAI software as configured.
6. Data retention
We retain information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we delete or anonymize it. Customers can delete contacts, conversations, and connected accounts from the dashboard at any time.
7. Your rights and choices
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at the address in Section 12.
Disconnecting a messaging account: You can disconnect a connected WhatsApp, Instagram, or Facebook account at any time from the dashboard. When you disconnect, we stop receiving new messages for that account and revoke the relevant webhook subscription.
8. Data deletion
You may request deletion of your data at any time:
1. In-app: delete contacts, conversations, or connected accounts from the dashboard; or delete your account to remove your account data.
2. By request: email privacy@nextiveai.com with the subject "Data Deletion Request" and the account email or connected account identifier. We will verify the request and delete the associated personal data within 30 days, except where retention is required by law.
For data originating from Meta Platforms, deleting a connected account or your NextiveAI account removes the associated tokens and stored messages for that connection.
9. Security
We implement technical and organizational measures to protect information, including encryption of access tokens at rest, encrypted transport (HTTPS), access controls, and webhook signature verification. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
10. International data transfers
NextiveAI may process data in countries other than where you reside. Where required, we use appropriate safeguards for international transfers. Our target markets include Indonesia, Malaysia, Saudi Arabia, and Brazil, and we aim to handle data in accordance with applicable local laws.
11. Children's privacy
The Service is intended for businesses and is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal data from children.
12. Changes and contact
We may update this Policy from time to time. Material changes will be posted on this page with an updated "Last updated" date.
Contact
• Company: PT Nextive Harapan Gemilang
• Product: NextiveAI (https://app.nextiveai.com)
• Email: privacy@nextiveai.com
• Support: support@nextiveai.com