Privacy Policy

Legal

Effective Date: 4 April 2026 | Last Updated: 4 April 2026

1. Introduction

Virpa (“we,” “our,” or “us”) operates the website virpa.ai and the Virpa customer communication application (collectively, the “Service”). Virpa is an AI-powered virtual assistant platform that provides sales and marketing automation, including automated WhatsApp messaging, Facebook lead capture, website follow-up, review management, and AI voice assistant capabilities.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Service, whether you are a business customer subscribing to Virpa or an end-user interacting with a Virpa-powered communication channel.

By accessing or using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Information We Collect

2.1 Information You Provide Directly

Account information: Name, email address, business name, phone number, and billing details when you register for Virpa.
Communication content: Messages, voice recordings, and other content sent or received through the Virpa platform (WhatsApp, Facebook Messenger, SMS, voice calls, and web chat).
Customer data you upload: Contact lists, lead information, and customer records you import into the Virpa system.
Support enquiries: Information you share when contacting us for assistance.

2.2 Information Collected Automatically

Usage data: How you interact with the Service, including features used, messages sent, automations triggered, and session duration.
Device & technical data: IP address, browser type, operating system, device identifiers, and referring URLs.
Cookies & similar technologies: See Section 8 for details.

2.3 Information from Third Parties

Social platforms: When you connect your Facebook or WhatsApp Business account, we receive lead and message data in accordance with those platforms’ terms.
Payment processors: Our payment provider shares transaction confirmations and billing details necessary to manage your subscription.

3. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Virpa platform and all its features (automated messaging, lead follow-up, review management, AI voice assistant).
Process and manage your subscription, payments, and invoices.
Send automated communications on your behalf through WhatsApp, SMS, Facebook Messenger, email, and voice channels.
Train, improve, and enhance our AI models and automation systems to deliver better responses and outcomes.
Analyse usage patterns to improve the Service and develop new features.
Provide customer support and respond to your enquiries.
Send you service-related notifications, updates, and promotional communications (with your consent where required).
Detect, prevent, and address fraud, security issues, and technical problems.
Comply with legal obligations and enforce our terms.

4. Legal Basis for Processing

Where applicable (including under UK GDPR and EU GDPR), we process your personal data on the following legal bases:

Contract performance: Processing necessary to provide the Service you have subscribed to.
Legitimate interests: Improving our platform, preventing fraud, and marketing our services to existing customers.
Consent: Where you have given explicit consent, such as opting in to promotional emails or connecting third-party accounts.
Legal obligation: Where processing is required to comply with applicable law.

5. Data Sharing & Disclosure

We do not sell your personal data. We may share your data with:

Service providers: Trusted third parties who help us operate the Service (hosting providers, payment processors, email delivery services, AI/LLM providers, telephony providers).
Platform partners: WhatsApp (Meta), Facebook, and other messaging platforms as required to deliver communications on your behalf.
Professional advisors: Lawyers, accountants, and auditors where reasonably necessary.
Law enforcement: Where required by law, court order, or to protect the rights, property, or safety of Virpa, our users, or the public.
Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account closure, we retain data for a reasonable period to comply with legal obligations, resolve disputes, and enforce our agreements. Communication logs and AI interaction data are retained in accordance with our data management schedule and applicable regulatory requirements.

You may request deletion of your data at any time by contacting us (see Section 13).

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure: Request deletion of your personal data (“right to be forgotten”).
Restriction: Request that we limit the processing of your data.
Portability: Receive your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interests or for direct marketing.
Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at my@virpa.ai. We will respond within 30 days (or as required by applicable law).

If you are located in the UK or EU, you also have the right to lodge a complaint with your local data protection authority (e.g., the UK Information Commissioner’s Office).

8. Cookies & Tracking Technologies

We use cookies and similar technologies to:

Keep you signed in and remember your preferences.
Understand how you use our Service and which features are most popular.
Deliver and measure the effectiveness of marketing campaigns.
Ensure the security and integrity of the platform.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

9. International Data Transfers

Your data may be transferred to, and processed in, countries outside the United Kingdom or European Economic Area. Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the relevant authorities, to protect your data in accordance with applicable law.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit and at rest, access controls, regular security assessments, and employee training. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. Children's Privacy

The Service is designed for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting the updated policy on our website and updating the “Last Updated” date above. We encourage you to review this page periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: my@virpa.ai
Website: virpa.ai