Privacy & Data UseLast updated: December 29, 2025

Privacy Policy for AskConcierge.co

This policy explains how we collect, use, protect, and share personal data for our AI concierge service for local businesses. It is designed to meet Meta requirements for apps that access Facebook and Instagram data.

Key definitionsData we collectHow we use dataCookies & SDKsMeta / Facebook / InstagramSharingRetention & deletionSecurityYour controlsMinorsDeceased usersUpdatesDispute resolutionContact
Meta-ready
We request only the permissions needed, honor revocation immediately, and comply with Meta Platform Terms and Developer Policies.
No selling of data
We do not sell or rent personal data. Service providers act on our behalf under confidentiality and security obligations.
Purpose-limited
Data is collected to deliver the concierge experience: lead capture, messaging, analytics, and reliability of the service.

AskConcierge is provided by Joiwai Software LLC (Wyoming, USA), which acts as the data controller and receives payments for the service.

The AskConcierge app is owned within the portfolio of Joiwai Tecnologías de la Información SAS de CV (Mexico). This affiliate may support operations under confidentiality and data protection safeguards, but Joiwai Software LLC remains the primary contracting and billing entity.

Key definitions

Personal data: Information that identifies or can be used to identify a person.

Sensitive personal data: Data that could cause harm if misused (for example, financial details, precise location, government IDs, biometric data, or data about children).

Account: Your AskConcierge.co account used to authenticate and authorize access.

Anonymization: Processing data so it can no longer identify a person and cannot be restored.

De-identification: Processing data so it cannot identify a person without additional information kept separately.

Cookies/SDK identifiers: Small files or device IDs used to keep sessions, remember preferences, and measure performance.

1) Data we collect

We collect what is necessary to deliver core functions (lead capture, messaging, analytics). Optional data powers add-ons; refusing optional data will not block core features but may limit certain experiences. If we launch new functions that need new data, we will ask for your consent before collecting.

Account and business setup

  • Contact details (name, email, phone) and login information you provide.
  • Business profile details: business name, address, hours, services, pricing, and branding assets.
  • Preferences for messaging, booking, and lead capture flows.

Leads, chats, and content

  • Messages you or your customers send to the concierge, including attachments you upload.
  • Lead forms and bookings captured through AskConcierge.co experiences or embedded widgets.
  • AI-generated responses and recommendations produced from your inputs and connected data sources.

Usage and device data

  • Device and browser information, IP address, timestamps, and events about how you use the service.
  • Approximate location derived from IP or user-provided details when relevant to the experience.
  • Diagnostics and logs to monitor performance, security, and reliability.

2) How we use data

  • Operate the concierge experience: lead capture, chat automation, booking requests, and customer follow-up.
  • Set up and manage integrations (for example, Meta/Facebook/Instagram) you authorize, including messaging and lead intake where permitted.
  • Improve responses, detect misuse, and refine prompts or models using aggregated and de-identified patterns where feasible.
  • Provide analytics, reporting, and service communications such as onboarding, updates, and support.
  • Protect the service through security monitoring, fraud prevention, and abuse detection.
  • Comply with legal obligations and enforce our terms.
  • Honor your settings for marketing emails or SMS; you can opt out at any time via provided controls or by contacting us.
  • If we need to use data for a new purpose, we will notify you and request consent before proceeding.

3) Cookies and similar technologies

  • Session and preference cookies to keep you logged in, remember settings, and maintain state across pages.
  • Analytics and performance cookies/SDK identifiers to understand usage and improve reliability.
  • Security cookies to help detect fraud or abuse.
You can disable cookies in your browser. Doing so may impact login persistence or certain features. If we introduce SDKs that collect additional device identifiers, we will disclose and request consent where required.

4) Meta / Facebook / Instagram data handling

When you connect Facebook or Instagram, we access the data you explicitly permit to enable features such as messaging, posting, and lead capture. We follow Meta Platform Terms and Developer Policies.

What we access and why

  • Page and account identifiers, tokens, and permissions to authenticate your connection.
  • Messages, comments, leads, and forms for the features you enable (for example, inbox automation and lead sync).
  • Basic profile and Page details to display account context and improve responses.

How we protect Meta data

  • Tokens are stored securely, used only for the scopes you grant, and removed on revocation or account disconnect.
  • We do not sell Meta data and do not share it with third parties except vetted service providers acting on our behalf.
  • If you disconnect the integration or permissions expire, we stop requests and delete or disable related data where required.
  • You can revoke access at any time in Facebook or Instagram settings and within AskConcierge.co account settings (where provided).

5) Sharing and disclosure

  • Service providers and subprocessors (for example, hosting, storage, analytics, customer support) under confidentiality and data protection terms.
  • Legal, safety, and compliance requirements (for example, subpoenas, protecting rights, preventing fraud or abuse).
  • Business transfers if we undergo a merger, acquisition, or asset sale; we will provide notice of any material changes.
  • With your explicit consent for new sharing scenarios not covered above.
We do not sell personal data. Any sharing is limited to the purposes described here and governed by appropriate contracts and safeguards.

Common exceptions

  • National security, public safety, or public health requirements.
  • Law enforcement or regulatory requests where disclosure is legally required.
  • To protect life, property, or rights where obtaining consent is impractical.
  • Data you make public or that is collected from lawful public sources.

Cross-border transfers

  • Data may be processed in the United States and other locations where our providers operate.
  • Where required, we rely on lawful transfer mechanisms (for example, Standard Contractual Clauses) and will request consent if local law requires it.

6) Data retention, storage, and deletion

  • We keep data only as long as needed to provide the service, fulfill the purposes described, or meet legal or contractual obligations.
  • Meta tokens and permissions are removed when you disconnect or when they expire; associated data is deleted or minimized where required.
  • Lead records, chat transcripts, and analytics can be deleted or exported upon request, subject to applicable law.
  • Backups are retained for a limited period for business continuity and then removed on a rolling basis.
  • You can request deletion at privacy@askconcierge.co. We may need to verify your identity before fulfilling the request.
  • If required by law, we will retain certain records for a mandated minimum period before deletion or anonymization.

Storage locations

Data is primarily stored in the United States with vetted cloud providers. If we store or process data in other regions, we apply equivalent protections and, where required by law, obtain consent and use approved transfer mechanisms.

After account closure

When you cancel your account, we delete or anonymize personal data, except where retention is required by law or necessary to resolve disputes, enforce agreements, or meet compliance obligations.

7) Security

  • Encryption in transit (TLS) and secure storage for sensitive secrets such as access tokens.
  • Access controls with least privilege, logging, and monitoring for suspicious activity.
  • Regular reviews of integrations and dependencies to mitigate vulnerabilities.
No system is perfect. If you suspect unauthorized access, contact us immediately at privacy@askconcierge.co.

Incident response

If a data breach occurs, we will investigate, contain the issue, notify affected users as required by law, and report to regulators where applicable.

Your role

Use strong passwords, protect your devices, and notify us promptly of any suspected compromise of your account or connected integrations.

8) Your choices and rights

  • Access, correction, deletion, or portability of your personal data where applicable by law.
  • Marketing preferences: opt out of marketing emails or SMS at any time via links provided or by contacting us.
  • Integration controls: revoke Facebook or Instagram access in Meta settings and within AskConcierge.co account settings (where available).
  • Automated decision-making: our AI suggests responses and actions; request human review or raise concerns at any time.
  • Children: the service is not directed to children under 13 (or older minimum age where required). We delete data from minors upon verification.
  • You may request a copy of your data and ask us to transfer it to another provider where technically feasible and permitted by law.
  • U.S. state privacy laws (for example, California) may grant additional rights; contact us to exercise applicable state-specific rights.

To exercise these rights, email privacy@askconcierge.co. We may need to verify your identity before acting. Certain requests may be limited by legal or security requirements.

9) Personal data of minors

The service is intended for individuals 13 and older (or the minimum age in your jurisdiction). We do not knowingly collect data from children. If we learn a child has provided data, we will delete it after verification. If you believe a minor has provided data, contact us at privacy@askconcierge.co.

10) Deceased users

Where allowed by law, a verified close relative or authorized representative may request access, correction, or deletion of a deceased user's data. We will require proof of identity, relationship, and authority before acting on such requests.

11) Policy updates

We may update this policy to reflect product changes, legal requirements, or security needs. We will post the new date at the top and, for material changes, notify you through the service or email. If changes reduce your rights in a significant way, we will request your consent where required.

12) Dispute resolution

Governing law: this policy is governed by the laws of the United States and the State of Wyoming, without regard to conflict of law principles.

If a dispute arises, the parties will first attempt to resolve it informally within 30 days. If unresolved, disputes will be submitted to binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. Venue: Cheyenne, Wyoming, U.S.A. Either party may seek injunctive relief in a court of competent jurisdiction in Wyoming to protect confidential information or intellectual property.

13) Additional disclosures

Data sources

  • Information you provide directly to AskConcierge.co.
  • Data from services you connect (for example, Meta properties) as authorized by you.
  • Service providers (for example, analytics and hosting) and publicly available sources where relevant to deliver the service.

International transfers

  • Data may be processed in the United States and other countries where we or our providers operate.
  • When required, we rely on lawful transfer mechanisms (such as Standard Contractual Clauses) and apply appropriate safeguards.

14) Contact

If you have questions, requests, or concerns about this policy or how we handle data, reach us at privacy@askconcierge.co.

Please include enough detail for us to verify your identity and respond. For Meta permissions, you can also revoke access directly in your Facebook or Instagram account settings.