Privacy Policy

Last updated: April 5, 2026

This Privacy Policy describes how Salesora (“we”, “us”, or “our”) collects, uses, and protects information when you use our omnichannel customer engagement platform available at salesora.io and app.salesora.io (collectively, the “Service”).

1. Information We Collect

Account information

When you sign up, we collect your name, email address, organization name, and a hashed password. This information is used to create and secure your account.

Content you provide

We store conversations, contacts, messages, notes, tags, automation workflows, AI agent configurations, and any other content you upload or create within the Service.

Channel and integration data

When you connect third-party channels or integrations (such as WhatsApp, Facebook, Instagram, Telegram, Twilio, Google Sheets, HubSpot, Salesforce, Shopify, and others), we store the credentials, tokens, and configuration required to operate those connections on your behalf. Credentials are encrypted at rest using AES-256-GCM.

Usage and diagnostic data

We collect logs, request metadata, device/browser information, and error reports to operate, monitor, and improve the Service.

2. How We Use Google User Data

Salesora’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect a Google account to Salesora, we request the following scopes:

• Google Sheets (read/write) — to read the column headers of a spreadsheet you select and to append new rows to that spreadsheet as part of workflow automations you configure.
• Google Drive (read-only metadata) — solely to list spreadsheet files in your Drive so you can pick one in the workflow builder. We do not download, store, or analyze the contents of any file other than the spreadsheet you explicitly select.
• Basic profile (email, name) — to display which Google account is currently connected.

We do not use Google user data for advertising, do not sell it, and do not share it with third parties except as required to operate the Service (for example, secure hosting providers). Google user data is not used to train generalized AI or machine-learning models. Access is limited to employees and contractors who need it to operate and support the Service.

You can disconnect your Google account at any time from the Integrations settings page. Disconnecting revokes Salesora’s stored tokens; you can additionally revoke access directly at https://myaccount.google.com/permissions.

3. How We Use Information

• To provide, operate, and maintain the Service
• To execute the workflows, automations, and AI actions you configure
• To send transactional notifications related to your account or usage
• To troubleshoot, monitor, and improve the Service
• To detect, prevent, and respond to fraud or abuse
• To comply with legal obligations

4. Sharing of Information

We do not sell your personal information. We share information only:

• With infrastructure providers (e.g. cloud hosting, database, email delivery) strictly to operate the Service
• With third-party services you explicitly connect (e.g. Twilio, Meta, Google, HubSpot) as required to fulfill the integration you configured
• When required by law, subpoena, or valid legal process
• In connection with a merger, acquisition, or asset sale, with notice to you

5. Data Retention

We retain your data for as long as your account is active. When you delete your account or disconnect an integration, the associated data is deleted or anonymized within a reasonable timeframe, except where retention is required by law.

6. Security

We use industry-standard safeguards including TLS in transit, AES-256-GCM encryption for sensitive credentials at rest, role-based access controls, and continuous monitoring. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but we work continuously to protect your data.

7. Your Rights

Depending on where you live, you may have rights under laws such as the GDPR or CCPA, including the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at the address below.

8. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children under 16.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced through the Service or by email. Continued use after changes become effective constitutes acceptance of the updated policy.

10. Contact Us

Questions about this Privacy Policy or our data practices? Contact us at privacy@salesora.io.