Skip to content
Janiva

Privacy Policy

Last updated: 9 June 2026

Contact addresses below are placeholders pending confirmation — owner to verify/create these inboxes.

This Privacy Policy describes how Janiva ("Janiva", "we", "our", or "us"), operated by Janiva Digital Solutions (an Indian limited liability partnership, GSTIN 29AAQFH1072H1Z5, Karnataka), collects, uses, and protects information when you use our AI back-office assistant available on WhatsApp and at https://pa.janiva.bot (the "Service").

1. Who this policy applies to

Janiva is a business-to-business (B2B) service. We handle data for two kinds of people:

  • Account owners and team members — people who sign in to Janiva to run their back-office: accounting, GST invoicing, virtual numbers, the shared inbox, social publishing, and task delegation.
  • Your business contacts — your customers, vendors, and team members whose details (phone numbers, names, messages, invoice line items, ledger entries) you process through Janiva.

For the personal data of your business contacts, you are the data controller and Janiva acts as your data processor. Our processor commitments are set out in our Data Processing Agreement.

2. Information we collect

From account owners and team members

  • Account information you provide: name, email, phone number, password (stored as a salted hash), and role.
  • Workspace and company details you set up: company names, GSTINs, addresses, cost-centres, and ledger configuration.
  • Session metadata: login timestamps, IP address, and last-active time.
  • An audit trail of actions taken in the Service (creating invoices, posting ledger entries, scheduling posts, delegating tasks).

From your use of the Service

  • WhatsApp messages exchanged with Janiva and with the business numbers you connect, including media you send (images, documents, voice notes).
  • Business records you create or import: invoices, customers, vendors, ledgers, virtual-number usage, and task assignments.
  • Social content you compose, schedule, and publish to Instagram and Facebook through the Service.
  • Contact details of the people you delegate tasks to, so Janiva can follow up with them on WhatsApp.

From integrations you connect

  • Access tokens for connected accounts (for example WhatsApp Business, Instagram, and Facebook), encrypted at rest.
  • The account identifiers and display names of the channels you link.

3. How we use information

  • To provide the Service — run your accounting, generate GST invoices and Tally exports, manage virtual numbers, route inbox messages, publish social posts, and chase delegated tasks.
  • To power AI assistant features — interpreting your instructions in plain language and drafting replies, posts, and summaries (see our AI System Card for exactly what is sent to AI providers).
  • To authenticate users and protect accounts (password hashing, session management, rate-limiting).
  • To send service-related notifications (task reminders, approval requests, security alerts).
  • To bill your subscription and meter usage where applicable.
  • To maintain and improve the Service using aggregated, non-identifying usage metrics and error monitoring. We do not use your business or customer data to train generalized AI models.

4. AI providers

Janiva's assistant features rely on third-party large-language-model (LLM) providers, currently Google (Gemini), OpenRouter, and Anthropic. When you ask Janiva to do something, the relevant portion of your request and the data needed to fulfil it may be sent to one of these providers to generate a response. These providers process the data on our behalf to return a result and, under their standard API terms, do not use it to train their models. The AI System Card documents what data is and is not sent to AI providers for each feature.

5. WhatsApp and messaging

Janiva uses the WhatsApp Business platform operated by Meta to send and receive messages. Messages routed through WhatsApp are subject to Meta's and WhatsApp's own terms and privacy practices in addition to this policy. You are responsible for having any consents required to message your contacts through the Service.

6. When we share information

  • With sub-processors that operate the Service on our behalf: our hosting and database infrastructure, AI/LLM providers (Google, OpenRouter, Anthropic), and the WhatsApp Business / Meta messaging platform. Each is bound to handle data only as needed to provide the Service. The current list is set out in our DPA.
  • Within your own workspace — your team members and the contacts you choose to involve (for example a person you delegate a task to).
  • To comply with law when required by a valid legal process.
  • We do not sell personal data.

7. Retention and deletion

  • We retain your account and business data for as long as your account is active and as required to provide the Service, and thereafter as required by applicable law (for example, tax and accounting records you must keep under Indian law).
  • Integration tokens are deleted when you disconnect the integration or close your account.
  • You can request deletion of your data at any time; we will delete it subject to any legal retention obligations.

(Specific retention windows to be confirmed.)

8. Security

  • Encryption in transit (TLS) and encryption at rest for sensitive credentials and access tokens.
  • Passwords stored as salted hashes and never logged.
  • Account-level isolation so each workspace's data is kept separate.
  • An audit trail of administrative and sensitive actions.
  • We will notify affected account owners within a reasonable time of any confirmed breach involving their data.

No online service can guarantee absolute security, but we take reasonable measures appropriate to the nature of the data we process.

9. Your rights

Depending on where you and your contacts are located, you may have rights to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data, subject to legal retention requirements.
  • Object to or restrict certain processing.
  • Withdraw consent for optional features (for example, by disconnecting an integration).
  • Lodge a complaint with the relevant data-protection authority.

To exercise these rights, contact us as below.

10. Contact us

Data controller for our own processing: Janiva Digital Solutions, Karnataka, India.
Privacy and data-protection matters: [email protected]
General support: [email protected]

We may update this policy from time to time. Material changes will be announced in the Service and reflected in the "Last updated" date above. See also our Terms of Service and Data Processing Agreement.