Privacy Policy

Last updated: March 24, 2025

1. Introduction

Olemhe ("we", "our", or "us") operates a DM commerce automation platform at theoleai.com. This Privacy Policy explains how we collect, use, store, and protect information when you use our Service. By creating an account, you agree to this policy.

2. Information We Collect

Information you provide

  • Business name, email address, website URL, and country during registration
  • Store API credentials and keys (encrypted at rest with AES-256-GCM)
  • Facebook, Instagram, and WhatsApp access tokens (encrypted at rest)
  • Payment information (processed by Stripe or Paystack — we never store card numbers)

Information collected from Meta platforms

When you connect your Facebook Page, Instagram Business Account, or WhatsApp Business Number, we receive and process:

  • Message content sent by your customers via Messenger, Instagram Direct, and WhatsApp
  • Customer platform-specific identifiers (PSID, IGID, or WhatsApp phone number)
  • Customer profile name and profile picture (where available)
  • Your Page or Business Account access token

Meta data use: We use this data only to process customer orders and generate AI replies on your behalf. We do not share it with third parties or use it to train AI models.

3. How We Use Your Information

  • Process incoming customer messages and generate order-taking AI responses
  • Place orders via your connected store on behalf of customers
  • Send transactional emails (billing, order confirmation, account alerts)
  • Provide analytics and reporting on your conversations and orders
  • Detect and prevent fraud or policy violations
  • Comply with legal obligations

We do not sell your data or your customers' data. We do not use conversation content to train AI models.

4. Data Deletion

Users may request deletion of their data at any time:

  • Account deletion: Delete your account from Dashboard → Account → Danger Zone. All data is deleted within 30 days.
  • Instagram data deletion: If you connected via Instagram and wish to have your data removed, use our deletion callback at https://theoleai.com/api/auth/instagram/delete or email privacy@theoleai.com.
  • Customer data: Your end customers may request deletion of their conversation data by contacting you directly. You can delete specific conversations from your Olemhe dashboard.

5. Data Security

  • All API keys and access tokens are encrypted with AES-256-GCM before storage
  • Data is transmitted over TLS/HTTPS at all times
  • Our database uses Row-Level Security — tenants cannot access each other's data
  • Payment processing is handled entirely by PCI-compliant providers (Stripe, Paystack)

6. Data Retention

Conversation history and order data are retained for 12 months. Account data is retained while your subscription is active. You may request earlier deletion at any time by emailingprivacy@theoleai.com.

7. Third-Party Services

SupabaseDatabase and authentication
Anthropic (Claude)AI processing of customer messages
Meta (Facebook/Instagram/WhatsApp)Messaging platform access
StripeSubscription billing (global)
PaystackSubscription billing (Nigeria)
ResendTransactional email delivery
VercelHosting and infrastructure

8. Cookies

We use only strictly necessary cookies for session management (authentication). We do not use advertising, tracking, or analytics cookies.

9. Your Rights

You have the right to access, correct, delete, or export your data. Contact us at privacy@theoleai.com.

10. Contact

Olemhe Privacy
Email: privacy@theoleai.com