1. Who We Are
Velobit Digital Venture (Enterprise No. JR0190269-K) ("Velobit Digital Venture", "we", "us") provides AI-powered messaging automation services to businesses via WhatsApp and Telegram, powered by large language model (LLM) technology.
Our registered address is: Lot 5647, Jalan Kampung Chabang, Kerteh, 24300 Kemaman, Terengganu, Malaysia.
This Privacy Policy explains how we collect, use, store, and protect personal data when you or your customers interact with our AI chatbot services.
2. What Personal Data We Collect
Depending on how you use our services, we may collect and process the following:
From business clients (SMEs who subscribe to our service):
- Business name, contact person name, and phone number
- WhatsApp or Telegram account number used for the bot
- Email address (for billing and support communications)
- Business operating information provided to configure the chatbot (e.g. services offered, FAQs, operating hours)
From end-users who interact with the chatbot:
- WhatsApp or Telegram display name and phone number (provided automatically by the messaging platform)
- Message content sent to the chatbot during a conversation
- Timestamps of conversations
We do not collect sensitive personal data such as national identity card (IC) numbers, financial account details, health information, or passwords. We do not knowingly collect data from individuals under 18 years of age.
3. Why We Collect and How We Use This Data
We use personal data for the following purposes:
- To operate, configure, and deliver the AI chatbot service to our business clients
- To process and respond to messages sent to the chatbot on behalf of the client business
- To maintain conversation context within a single session so the AI can respond accurately
- To troubleshoot technical issues and improve service reliability
- To contact business clients regarding billing, service updates, and support
- To comply with applicable laws and Meta's WhatsApp Business API terms of service
We process this data based on our legitimate interest in providing the service contracted with our business clients, and on the implied consent of end-users who choose to initiate a conversation with a business's chatbot.
4. Third-Party Services We Use
To deliver our service, we share data with the following trusted third-party providers. All providers are bound by their own privacy policies and data processing agreements.
- Meta Platforms, Inc. — WhatsApp Business API provider. Message content passes through Meta's infrastructure in accordance with Meta's Privacy Policy and Business Policy.
- Anthropic, DeepSeek & Minimax (LLM providers) — Message content is sent to these providers' APIs to generate AI responses. Data is processed under each provider's terms and privacy policy.
- Hostinger (VPS hosting provider) — Our chatbot infrastructure and data are hosted on Hostinger servers, governed by the Hostinger Privacy Policy.
- Telegram Messenger, Inc. — Messaging platform for Telegram-based bot deployments, governed by Telegram's Privacy Policy.
We do not sell, rent, or trade personal data to any third party for marketing purposes.
5. Data Retention
- Conversation logs: Retained for up to 90 days to support troubleshooting and service quality, then deleted.
- Business client account data: Retained for the duration of the service subscription and up to 12 months after termination for legal and billing purposes.
- LLM API calls: Message content sent to third-party LLM providers is subject to those providers' own retention policies. We do not control their retention periods.
6. Data Security
We take reasonable technical measures to protect personal data, including:
- Encrypted connections (HTTPS/TLS) for all data in transit
- Restricted server access via SSH key authentication
- Input validation and filtering to prevent injection attacks on our chatbot infrastructure
- Regular review of our security practices
No system is 100% secure. In the event of a data breach that affects your personal data, we will notify affected parties and the relevant authorities as required under Malaysian law.
7. Your Rights Under the Personal Data Protection Act 2010 (PDPA)
If you are located in Malaysia, you have the following rights regarding your personal data under the Personal Data Protection Act 2010 (PDPA):
- Right of Access: You may request a copy of the personal data we hold about you.
- Right of Correction: You may request that we correct any inaccurate or incomplete personal data.
- Right to Withdraw Consent: You may withdraw consent to the processing of your personal data at any time, though this may affect our ability to provide the service.
- Right to Limit Processing: In certain circumstances, you may request that we limit how we use your personal data.
To exercise any of these rights, please contact us using the details in Section 9 below. We will respond within 21 days.
8. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or business practices. When we make significant changes, we will update the effective date at the top of this page.
We encourage you to review this page periodically. Continued use of our service after any update constitutes acceptance of the revised policy.
9. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Business: Velobit Digital Venture
Email: aidi.hamid@gmail.com
WhatsApp: +60 19-9506617
Address: Lot 5647, Jalan Kampung Chabang, Kerteh, 24300 Kemaman, Terengganu, Malaysia.