BOTEN
HEEN
Start on WhatsApp
Privacy Policy · 2025 edition

Privacy Policy.

What information we collect, how we process it, and what rights you have · as a paying subscriber and as an end user · under the Israeli Privacy Protection Law, Amendment 13, and the EU GDPR.

Last updated · October 2025 Version 1.4 ← Back to documents
Who's responsibleBOTEN, the service operator · based in Tel Aviv.
What we collectSubscriber details, end-user details, conversation content, metadata.
Who it's shared withWhatsApp/Meta, Anthropic, Grow (payments), infrastructure providers.
Your rightsAccess, correct, delete, object, port · within 30 days.

Introduction & scope

This Privacy Policy describes how BOTEN ("we", "the Company", "the service operator") collects, processes, stores, uses and protects personal information. The policy applies to two groups:

  • Customers (subscribers) · business owners and private subscribers who purchase a BOTEN subscription and use it through BOTEN's operational WhatsApp number in the space assigned to them.
  • End users · event guests, business customers or anyone who messages BOTEN's WhatsApp number in the context of a subscriber, business, event or community.

This policy is intended to describe BOTEN's handling of personal information under the Israeli Privacy Protection Law, 5741-1981, Amendment 13 (in force as of August 14, 2025), the Privacy Protection (Information Security) Regulations, 5777-2017, and other relevant Israeli data-protection rules. Because the system's primary database is hosted in the European Union (Frankfurt, Germany), we also work according to relevant GDPR principles, including data minimisation, purpose limitation and accuracy.

What information we collect

2.1 Information about the customer (business owner / private subscriber)

  • Identifiers: full name, business name (if applicable), WhatsApp phone number, email address.
  • Service details: business sector / event type, approved services, pricing, opening hours, custom messages.
  • Subscription details: plan, signup date, payment history (without credit card details).
  • Usage data: conversation count, settings changes, operational summary views.

2.2 Information about end users

  • Core identifiers: name and phone number as shown in the user's WhatsApp profile.
  • Conversation content: messages sent and received within the Service.
  • Metadata: date and time of contact, conversation language, conversation length.

2.3 What we do not collect

BOTEN does not store credit card details; payments are processed and stored by Grow. Location, health-related or other sensitive information may be stored only when the user sends it to BOTEN as part of a conversation or requested action, and is used only to provide the service and keep the correct space separated.

Why we use this information

  • Delivering the Service: running BOTEN, routing messages, sending conversation summaries and operational summaries, managing the subscriber account.
  • Customer communication: notices about service changes, incidents, price updates, invoices, and technical support.
  • Service improvement: analysing aggregate usage patterns (without personal identification) to improve system performance and answer accuracy.
  • Legal compliance: retaining records for reporting obligations, responding to court orders, meeting regulatory duties.
  • Abuse prevention: detecting and preventing fraud, unauthorised use, and breaches of the Terms of Service.

Legal basis for processing

  • Consent · the subscriber gives consent at signup.
  • Contract performance · processing is necessary to deliver the purchased service.
  • Legitimate interest · service improvement, fraud prevention, information security.
  • Legal obligation · compliance with the Privacy Protection Law, Consumer Protection Law, and tax law.

Sharing with third parties

BOTEN does not sell, rent or trade personal information about customers or end users. Information is shared only with the following parties, and only for the purposes listed:

  • WhatsApp / Meta · to operate the Service through the WhatsApp Business API. Meta processes messages under WhatsApp's terms of service and privacy policy.
  • Grow · an Israeli payment provider for processing payments according to the selected plan.
  • Anthropic · for natural-language processing only, according to Anthropic's service and privacy terms.
  • Infrastructure providers (hosting, servers) · to host and operate the Service, subject to the relevant agreements and service requirements.
  • Law-enforcement authorities · only when required by court order, legal obligation, or to protect public safety.

Storage, retention and security

6.1 Retention periods

  • Conversation content: retained for 90 days for support, service operation and operational summaries. Deleted automatically thereafter.
  • Conversation summaries and aggregate summaries: 12 months, after which they are deleted or moved to anonymous archive.
  • Customer details and subscription data: retained for the lifetime of the subscription and up to 36 months afterwards (legal and tax obligations).
  • Payment data: stored exclusively by Grow. BOTEN keeps only accounting records (amount, date, reference).
  • After future renewal is cancelled: access remains active until the end of the already-paid month. Retention and deletion periods then follow this policy and legal obligations.

6.2 Information security

  • The website and service are operated over HTTPS.
  • Access is separated by role, permission and context.
  • Exposure is limited to information needed for the Service.
  • Infrastructure is monitored and operated according to service needs.
  • Privacy and deletion requests are handled under this policy and the Terms of Service.

Your rights as a data subject

Under the Israeli Privacy Protection Law and Amendment 13, every individual (subscriber or end user) has the following rights:

  • Right of access · to request and receive a copy of the personal information we hold about you. We respond within 30 days.
  • Right of rectification · to ask us to correct inaccurate, incomplete or outdated information.
  • Right of erasure · to request deletion of personal information, subject to legal limits (tax retention, court orders).
  • Right to object · to object to processing for specific purposes.
  • Right to portability · to receive the data in a structured, machine-readable format.

To exercise these rights, see the contact details in section 11.

Cookies and tracking

BOTEN runs primarily through WhatsApp and does not use cookies. Web summary pages (links sent over WhatsApp) may use only essential session cookies for the page to function, with no advertising or analytics tracking.

International data transfers

Some infrastructure providers, including language-processing and cloud providers, may process data outside Israel. Such transfer and processing are handled under this Privacy Policy, the Terms of Service, and the relevant providers' contractual and service terms.

10 · Minors

The Service is intended only for adults (18+). We do not knowingly collect personal information about minors. If we become aware that such information has been collected, we handle deletion or restriction under this policy and applicable law. A parent or guardian may contact us if they believe their child has provided information.

11 · Contact and exercise of rights

  • Service operator: Omer Levy
  • Email: info@boten.biz
  • Operational WhatsApp: +972 53-717-2151
  • Data Protection Officer (DPO): Omer Levy, info@boten.biz
  • Response time: up to 30 business days (or sooner, as required by law).
Note The original canonical document lists a second WhatsApp number. The current operational contact details · to be used today · are the number listed above. The next legal revision will consolidate these.

12 · Updates to this policy

BOTEN may update this policy from time to time. Material changes will be announced with 30 days' prior notice via WhatsApp and/or email. The updated version will carry the new last-updated date.