Legal
Privacy Policy
This policy explains how BoostReplies, a Codvida product, handles personal data when businesses use our shared inbox, messaging integrations, and AI-assisted reply tools.
Last updated: July 13, 2026
1. Information we collect
- Account information, such as your name, email address, authentication details, organization, workspace membership, and preferences.
- Customer communications and contact data that you choose to process through BoostReplies, including message content, sender identifiers, profile names, phone numbers, delivery status, and conversation history.
- Messaging integration data, including WhatsApp Business Account IDs, business and phone-number IDs, display information, encrypted access tokens, webhook events, and similar identifiers from connected channels.
- AI configuration and processing data, including business instructions, FAQs, draft prompts, classifications, and the message content needed to provide requested AI features.
- Technical and usage data, such as IP address, browser details, request identifiers, logs, security events, errors, and product activity.
- Support and billing information you provide when contacting us or using paid services.
2. How we use information
- Provide, secure, maintain, and improve BoostReplies.
- Connect messaging accounts, receive and send messages, synchronize delivery status, and display conversations in the shared inbox.
- Generate AI-assisted drafts, automate replies when enabled, classify messages, and follow workspace instructions.
- Authenticate users, enforce workspace access, prevent abuse, troubleshoot incidents, and provide support.
- Send service communications and comply with legal obligations.
3. Messaging and Meta data
When you connect WhatsApp, you authorize BoostReplies to access and process the WhatsApp Business data necessary to provide the integration. We use this data only to operate the features you request, such as onboarding a business number, sending and receiving messages, and processing delivery events.
You are responsible for having a lawful basis to contact your customers, honoring opt-outs, and complying with WhatsApp Business Messaging policies and applicable communications laws.
4. Service providers and disclosures
We use service providers to operate BoostReplies, including hosting and database infrastructure, email delivery, error monitoring, authentication, and AI processing. Current providers may include Railway, Supabase/PostgreSQL, Resend, Sentry, Anthropic, Meta, and the operators of channels you connect. They process data only as needed to provide their services to us or to you.
We may disclose information when required by law, to protect rights and safety, during a business transaction, or with your direction. We do not sell personal data.
5. Retention and security
We retain data while your account or workspace is active and as reasonably necessary to provide the service, resolve disputes, enforce agreements, maintain security, and comply with law. Connected-channel credentials are encrypted at rest. No system is perfectly secure, but we use access controls, tenant isolation, transport encryption, monitoring, and other safeguards appropriate to the data we process.
6. Your choices and rights
Depending on where you live, you may have rights to access, correct, export, restrict, object to, or delete personal data. Workspace administrators can disconnect messaging channels. You can request account or data deletion using our Data Deletion page or by emailing us. We may need to verify your identity and authority over the relevant workspace before acting.
7. International transfers, children, and changes
Our providers may process data in countries other than yours. Where required, we use appropriate safeguards for international transfers. BoostReplies is a business service and is not directed to children under 16. We may update this policy as the product or law changes and will publish the revised date on this page.