Privacy Policy

Version #1 from 24.09.2025

This Privacy Policy describes how VeAi Ventures LLP collects, uses, and protects your personal information when using the STIKER.AI service.

1. INFORMATION COLLECTION

1.1. Information we collect:

  • Personal data: name, email address, phone number
  • Account data: login, password, profile settings, trial period information
  • Client data: information about your clients stored in the CRM system (names, phone numbers, company information, status, deal values, contact dates)
  • Calendar data: events, meetings, schedule
  • Communication data: WhatsApp messages, email correspondence
  • Business data: business description, services offered, working hours, Kaspi payment link
  • Payment data: payment information for Freedom Pay (subscription payments) and Kaspi Pay integration (for client invoice automation), subscription status
  • Technical data: IP address, browser type, operating system

1.2. Sources of information:

  • Data provided by you during registration and onboarding
  • Information obtained through Google API (Calendar)
  • WhatsApp messages via our own WhatsApp Web.js server
  • Information collected automatically when using the service
  • Payment information from Freedom Pay (for subscriptions) and Kaspi Pay (for client invoice automation)

2. USE OF INFORMATION

2.1. Purposes of use:

  • Providing and improving the STIKER.AI service
  • Automating client work and communication
  • Synchronizing calendar events
  • Processing and sending messages via WhatsApp
  • Generating personalized messages using AI (Azure OpenAI)
  • Processing payments and managing subscriptions
  • Technical support and maintenance
  • Compliance with legal obligations

2.2. Legal basis:

  • User consent to the processing of personal data
  • Performance of a service agreement
  • Legitimate interests for service improvement
  • Compliance with legal obligations

3. USE OF GOOGLE API DATA

STIKER.AI uses and transfers information received from Google APIs in accordance with Google API Services User Data Policy, including the Limited Use requirements.

3.1. How we use Google data:

πŸ“… Google Calendar

  • Reading calendar events to display in the STIKER.AI interface
  • Creating and updating events at your request
  • Synchronizing meetings with clients
  • Automatic task planning based on calendar

3.2. Limitations on use of Google data:

We guarantee that:

  • DO NOT transfer Google data to third parties except as necessary for app functionality
  • DO NOT use data for advertising, retargeting, or personalized ads
  • DO NOT sell data to brokers, ad platforms, or information resellers
  • DO NOT use data for determining creditworthiness or issuing loans
  • LIMIT employee access to data only when necessary for job functions
  • USE data ONLY for features visible and available in the app interface
  • DO NOT read data manually except when investigating security incidents or as required by law

3.3. Permitted cases of data transfer:

Data obtained through Google API may be transferred only in the following cases:

  • To provide app features visible in the interface, with your consent
  • For security purposes (investigating incidents, preventing abuse)
  • To comply with applicable laws and legal obligations
  • In case of merger, acquisition, or sale of company assets (after obtaining explicit consent)

4. TRANSFER OF DATA TO THIRD PARTIES

4.1. Third parties:

We may transfer your data to the following categories of recipients:

  • Google LLC: for integration with Google Calendar (in accordance with limited use policy)
  • WhatsApp (our own server): for sending and receiving messages through our own WhatsApp Web.js server (open source, Apache license)
  • Microsoft Azure (Azure OpenAI): for AI-powered message generation and personalization using client data
  • Payment processors: Freedom Pay for processing subscription payments to STIKER.AI
  • Kaspi Pay (client integration): clients can integrate Kaspi Pay to send automated invoices to their customers (data is processed by Kaspi Pay according to their privacy policy)
  • Cloud providers: Google Firebase/Firestore for data storage and Google Cloud Functions for service operations
  • Government agencies: when required by law

4.2. AI processing of client data:

We use Azure OpenAI (Microsoft) to generate personalized messages for your clients. Client data (name, company, status, phone number, deal value) is sent to Azure OpenAI for message generation. This data is processed according to Microsoft's privacy policies and is not used for training AI models or other purposes beyond message generation.

4.3. International transfers:

Some of our service providers (Google, Microsoft Azure) are located outside the Republic of Kazakhstan. We ensure adequate protection of your data during international transfers in accordance with applicable legislation and Google API Services User Data Policy standards.

5. DATA PROTECTION

5.1. Technical measures:

  • Data encryption during transmission (TLS/SSL)
  • Data encryption at rest
  • Regular backups
  • 24/7 security monitoring
  • Two-factor authentication

5.2. Organizational measures:

  • Restricting access to personal data
  • Employee training on data protection
  • Information security policies
  • Regular security audits

6. USER RIGHTS

6.1. Your rights:

  • Right of access: obtain information about what data we process
  • Right to rectification: correct inaccurate data
  • Right to erasure: delete your personal data
  • Right to restriction: restrict processing of your data
  • Right to data portability: obtain a copy of your data
  • Right to object: object to data processing

6.2. How to exercise your rights:

To exercise your rights, please contact our support service at: support@stiker.ai

7. DATA STORAGE

7.1. Storage periods:

  • Account data: until account deletion
  • Client data: until account deletion
  • Logs and technical data: up to 12 months
  • Data for legal compliance: according to legal requirements

7.2. Data deletion:

When deleting an account, we delete your personal data within 30 days, except in cases where the law requires longer storage.

8. COOKIES AND TECHNOLOGIES

8.1. Use of cookies:

We use cookies and similar technologies for:

  • Ensuring service functionality
  • Remembering your preferences
  • Analyzing service usage
  • Improving performance

8.2. Cookie management:

You can manage cookies through your browser settings. Disabling cookies may affect service functionality.

9. POLICY CHANGES

We may update this Privacy Policy. We will notify you of significant changes by email or through the service. Continued use of the service after changes means you agree to the updated policy.

10. CONTACT INFORMATION

VeAi Ventures LLP

Email: support@stiker.ai

Address: RK, Astana, Esil district, Mangilik El Avenue, building No. 53, office 34

BIN: 250940013341

This Privacy Policy is effective from 24.09.2025