Data Protection - Privacy Policy

1. Roles

Bino Bot, also referred to as Bino, is operated by Bohni Tech Private Limited, Bangalore, Karnataka, India. This Privacy Policy applies to bino.bot, WhatsApp/search flows, partner/business onboarding, discovery surfaces, APIs, and related services.

Bino may act as controller/Data Fiduciary for users who search, message, browse, contact us, or interact directly with Bino. We may act as processor/Data Processor where we process data on behalf of a business customer or partner under their instructions.

Partner businesses remain responsible for their own products, services, notices, consents, fulfillment, refunds, customer support, grievance handling, and Data Principal requests where they determine the purpose and means of processing.

2. Personal Data We Process

We may process names, phone numbers, WhatsApp identifiers, email addresses, search queries, chat messages, preferences, location or trip details if shared, partner/business details, listings, support messages, transaction or referral metadata, device/browser data, IP addresses, consent and opt-out records, logs, and security events.

If a user shares sensitive information in free-text messages, we may process it only as needed to respond, route, secure, or delete the request.

3. Purposes and Legal Bases

We process personal data to provide search and discovery, respond to WhatsApp or website requests, connect users with partner businesses, onboard partners, personalize results, operate support, improve reliability, prevent misuse, comply with law, maintain records, and communicate service or commercial updates.

For GDPR, legal bases may include consent, contract, legitimate interests, and legal obligation. For DPDP, we process digital personal data for consent-based purposes, applicable legitimate uses, legal requirements, or partner/customer-controlled instructions, and provide a contact path for questions, grievances, correction, erasure, consent withdrawal, and nomination.

4. Partner Businesses and Transactions

Bino may help users discover or contact third-party businesses. Partner businesses are responsible for their own listings, pricing, availability, fulfillment, refunds, safety, legal compliance, and privacy practices.

When you choose to interact with a partner, we may share the information needed to respond to or fulfill your request. Partners must use that information only for the request, transaction, support, safety, legal, or other permitted purpose.

5. AI and Automation

Bino may use AI-assisted or automated workflows to understand queries, classify intent, recommend results, draft responses, summarize requests, or improve search.

AI outputs may be incomplete or inaccurate, and users should verify important details directly with the relevant business or provider.

6. Cookies and Tracking

Essential cookies and similar technologies may be used to operate the site, secure sessions, and prevent misuse.

Non-essential analytics, advertising, or tracking technologies should run only after valid consent where required. Users should be able to reject or later change non-essential choices.

7. Sharing and Service Providers

We may share personal data with hosting providers, messaging/channel providers, analytics, AI providers, partner businesses when needed for user requests, support tools, payment or transaction providers where applicable, and other service providers required to operate Bino.

We may disclose information when required by law, to protect rights and safety, enforce terms, or complete a corporate transaction. We do not sell personal data as a standalone business.

8. International Transfers

Personal data may be processed in India and other countries where we, partners, or service providers operate.

For GDPR-covered data, we use appropriate transfer mechanisms where required. For DPDP-covered data, we monitor Indian transfer restrictions and applicable rules.

9. Retention and Security

We retain personal data only as long as needed for search/discovery, support, partner transactions, security, legal obligations, dispute resolution, analytics, audits, and backups. Users may request deletion, subject to legal, security, fraud-prevention, transaction, and partner-handling limits.

Where processing is based on consent and consent is withdrawn, we will stop or help the responsible partner stop the relevant processing unless continued processing is required or authorized by law, contract, security, fraud-prevention, dispute, or other permitted grounds.

We use technical and organizational measures designed to protect personal data, including access controls, secure transport where applicable, audit logs, vendor review, secure development practices, and incident response. Boni is building an ISO/IEC 27001-aligned security management program, but this Policy is not a certification claim.

10. Your Rights

Depending on applicable law, you may request access, information about processing, correction, completion, update, deletion, restriction, objection, portability, consent withdrawal, grievance review, and nomination.

For DPDP-covered data, Data Principals may contact us for processing questions, correction, erasure, grievance redressal, consent withdrawal, and nomination. You can also message DELETE or UPDATE through supported WhatsApp flows where available.

11. Children and Updates

Bino is not intended for users under 18. Do not use Bino to submit children's personal data unless required legal basis, notices, and guardian consent are in place.

We may update this Policy as Bino, laws, vendors, or practices change. The latest version will be posted on this page with its effective date.

12. Contact Us

Privacy requests and grievances can be sent to support@bino.bot. Please include enough information for us to verify and locate your request.