M
SHIRIN MESSAGE← Back to home

Privacy Policy

Last updated: April 24, 2026

1. Introduction

SHIRIN MESSAGE (“we”, “our”, or “the Service”) is a unified customer messaging platform that helps businesses respond to customer conversations across Facebook Messenger, Instagram, and WhatsApp from a single inbox. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

2. Information We Collect

We collect the following categories of information:

  • Account information: Name, email address, and authentication credentials of business users (admins, site managers, and moderators) who sign up for SHIRIN MESSAGE.
  • Connected page data: When you connect a Facebook Page, we receive the Page ID, name, profile picture, and a Page access token issued by Meta so we can send and receive messages on the Page’s behalf.
  • Customer conversations: Messages exchanged between your connected Pages and their customers, including message content, attachments, timestamps, and delivery status.
  • Customer profile information: The name, profile picture, and Page-Scoped ID (PSID) of end-users who message your Page, as provided by Meta’s Graph API. We use this only to display the customer to your moderators inside the SHIRIN MESSAGE inbox.
  • Operational data: Order details that your moderators record, internal notes, shift schedules, assignment history, and activity logs used for reporting and audit.

3. How We Use Information

  • To deliver core messaging features: routing conversations, sending replies, and showing customer context.
  • To assign conversations to moderators based on shifts and round-robin rules.
  • To generate performance reports and audit logs for site managers and admins.
  • To secure your account and prevent abuse.
  • To comply with legal obligations and Meta Platform Policies.

4. How We Share Information

We do not sell your data. We share information only with: (a) Meta, when sending or receiving messages through the Messenger, Instagram, or WhatsApp APIs; (b) our infrastructure providers (database and hosting) who process data on our behalf under strict confidentiality; and (c) authorities when required by law.

5. Data Retention

We retain conversation history, customer contacts, and orders for as long as your account is active so you can access historical context and reports. You may request deletion of specific data or your entire account at any time (see Section 8).

6. Security

Data is encrypted in transit using TLS. Page access tokens and other secrets are stored encrypted at rest. Access is controlled by role-based permissions and row-level security policies in our database.

7. Your Rights

You have the right to access, correct, export, or delete your personal data. To exercise these rights, contact us at the email address below.

8. Data Deletion

You may request deletion of your data at any time by following the instructions on our Data Deletion page. Disconnecting a Facebook Page from SHIRIN MESSAGE will also stop further data collection from that Page.

9. Children’s Privacy

SHIRIN MESSAGE is not intended for use by children under 13. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of this page indicates when changes took effect.

11. Contact

For privacy questions or data requests, contact us at privacy@shirinapp.lovable.app.