Privacy Policy

Privacy Policy

Last updated: April 3, 2026

1. Introduction

Welcome to Honex ("we," "our," or "us"). Honex is an AI-powered e-commerce customer service automation platform that helps merchants automate customer service across Facebook Messenger and Instagram Direct Messages.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and web application (collectively, the "Service"). Please read this policy carefully to understand our practices regarding your data.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (required)
  • Name (optional)
  • Password (stored in securely hashed form)
  • Account role (merchant or admin)

2.2 Channel Account Information

When you connect your social media accounts, we collect:

  • Facebook Page information (name, page ID)
  • Instagram Business account information (username, account ID)
  • OAuth tokens and API credentials for accessing your accounts
  • Channel configuration settings (AI prompts, enable/disable status)

2.3 Website and Application Usage Data

When you visit our website or use our applications, we may collect:

  • IP addresses
  • Browser type and version
  • Device information
  • Pages visited and time spent
  • Contact form submissions (including IP address and user agent)
  • Early access requests

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our Service: Process your requests, manage your account, and enable AI chatbot functionality
  • Connect social media accounts: Authenticate and maintain connections to your Facebook Pages and Instagram Business accounts
  • Configure AI chatbots: Store and apply your custom AI prompts and channel settings
  • Process messages: Enable AI-powered responses to customer messages on your connected Facebook and Instagram accounts
  • Improve our Service: Analyze website usage patterns, identify issues, and enhance functionality
  • Communicate with you: Send service updates, respond to inquiries, and provide customer support
  • Ensure security: Detect and prevent fraud, abuse, and unauthorized access
  • Comply with legal obligations: Meet regulatory requirements and respond to legal requests

4. Data Sharing and Third-Party Services

We share your information only as necessary to provide our Service:

4.1 AI Service Providers

We use third-party AI service providers to power our chatbot functionality. When processing customer messages, we send conversation context and messages to these providers to generate responses. Their use of your data is governed by their respective privacy policies. We do not use your data to train AI models.

4.2 Social Media Platforms

To deliver messages and manage your accounts, we integrate with Facebook and Instagram. We use OAuth to connect your Facebook Pages and Instagram Business accounts and send/receive messages on your behalf.

These platforms receive messages and metadata as necessary to deliver your chatbot responses. Their use of data is governed by their respective privacy policies. When you connect your accounts via OAuth, you grant us permission to access your pages and send messages on your behalf.

4.3 Service Providers

We use trusted third-party service providers to host our website, store your data, and process messages. These providers are contractually obligated to protect your data and use it only as necessary to provide their services.

4.4 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or others.

5. Data Storage and Security

We implement industry-standard security measures to protect your data:

  • Encryption: Passwords are securely hashed. Sensitive data in transit is encrypted using industry-standard protocols
  • Secure Storage: Data is stored in secure databases with access controls and regular backups
  • Access Controls: We enforce authentication and authorization on all endpoints and database access
  • Input Validation: All user inputs are validated and sanitized to prevent security vulnerabilities
  • Logging Practices: We redact personally identifiable information (PII) from logs and avoid logging sensitive request/response bodies
  • Rate Limiting: We implement rate limits to prevent abuse and protect system resources

While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update or correct inaccurate information through your account settings
  • Deletion: Request deletion of your account and associated data (subject to legal retention requirements)
  • Data Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at contact@honex.tech. We will respond to your request within 30 days.

You can also manage your account information and connected channels through the Settings page in the web application.

7. Data Retention

We retain your data for as long as necessary to provide our Service and comply with legal obligations:

  • Account Data: Retained while your account is active and for a reasonable period after account closure
  • Channel Configurations: Retained while your account is active. When you disconnect a channel, we remove the OAuth tokens and connection data
  • Contact Form Submissions: Retained for customer support purposes and deleted after resolution
  • Early Access Requests: Retained until processed or until you request deletion
  • Logs: Retained for security and debugging purposes, with PII redacted

When you delete your account, we will delete or anonymize your personal data, except where we are required to retain it by law.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your authentication session
  • Remember your preferences
  • Analyze website usage and performance
  • Improve user experience

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service. For more information, please see our Cookie Policy.

9. Children's Privacy

Our Service is not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our Service, you consent to the transfer of your information to these countries. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Honex Privacy Team

Email: contact@honex.tech

Website: Contact Form