Offer on Personal Data Protection for Users of the Alina Assist Service

This document defines the terms for processing and protecting the personal data of users (Clients) who interact with Messenger (Telegram, WhatsApp, etc.) business accounts through the Alina Assist service.


1. General Provisions
1.1. This offer governs the relationship between the Alina Assist service (hereinafter — the “Service”) and users (hereinafter — the “Clients”) who interact with business accounts through our service.
1.2. By using the Alina Assist service to communicate with business accounts, the Client agrees to the terms of this offer.
1.3. The Service is operated by an individual entrepreneur registered in Georgia and operates in accordance with:
  • the Law of Georgia “On Personal Data Protection”;
  • the general principles of the GDPR (EU Regulation 2016/679);
  • the national laws of the countries in which our Clients are located.


2. Principles of Data Processing
2.1. We process Clients’ personal data solely for the purpose of ensuring the operation of the automated reply service on behalf of business accounts.
2.2. All Client data is processed in compliance with the principles of:
  • lawfulness and fairness;
  • purpose limitation;
  • data minimization;
  • accuracy and relevance;
  • storage limitation;
  • confidentiality and security.

3. Categories of Data Processed
3.1. The Service processes the following categories of Client data:
  • Messanger identifiers (user_id) — a unique numeric identifier which is private information within Messanger and cannot be used to determine the Client’s account;
  • message texts sent by the Client to the business account;
  • message metadata (time of sending, message type);
  • data necessary for the technical operation of the Service.
3.2. We do not process or store:
  • Clients’ names (first_name, last_name);
  • Clients’ usernames (@username);
  • Clients’ passwords and access tokens;
  • financial data (card numbers, bank details);
  • biometric data;
  • special categories of personal data unless they are voluntarily provided by the Client in messages.
3.3. Important: We store only the Messenger user_id, which is an internal Messenger identifier and does not allow identification of a specific user or their account. It is impossible to determine the Client’s name, username, or other public information based on the user_id.


4. Data Protection and Anonymization
4.1. We apply strict measures to protect Client data:
  • encryption of all connections (TLS/SSL);
  • data isolation by business accounts;
  • restriction of employee access to Client data;
  • regular security audits;
  • automatic deletion of data after the retention period expires.
4.2. Data anonymization:
  • We do not store Clients’ names or usernames, which provides an additional level of anonymization.
  • The Messenger user_id we store is a private identifier and does not allow identification of a specific user or their account.
  • When processing messages, identifier anonymization methods are applied where technically possible.
  • Client data is not used to create profiles or analyze behavior outside the context of a specific dialogue with a business account.
  • We do not link Client data across different business accounts.
4.3. Technical protection measures:
  • Data is stored on secure servers with restricted access.
  • All data operations are logged for accountability.
  • Security systems are regularly updated and protected against unauthorized access.


5. Non-Disclosure to Third Parties
5.1. We guarantee that Clients’ personal data is not transferred to third parties, except in cases:
  • directly предусмотренных by law;
  • upon a written request from authorized government bodies in accordance with the law;
  • when it is technically necessary to use infrastructure services (hosting, cloud services), provided that appropriate data protection agreements are concluded.
5.2. We do not sell, rent, or provide Client data for commercial purposes.
5.3. We do not use Client data for:
  • targeted advertising;
  • transfer to marketing agencies;
  • creating databases for sale;
  • any other commercial purposes unrelated to providing the automated reply service.


6. Data Retention Period
6.1. Client data is stored for the period necessary to provide the automated reply service.
6.2. By default, message texts are stored for up to 365 days, after which they are automatically deleted or archived in encrypted form.
6.3. After the Client stops interacting with the business account, data may be deleted earlier at the request of the Client or the business account.
6.4. Upon request to the Alina Assist service, dialogue data may be deleted. To submit a request, contact the coordinator: @alina_business_assit


7. Clients’ Rights
7.1. The Client has the right to:
  • receive information about which of their personal data is being processed;
  • request correction of inaccurate data;
  • request deletion of personal data (right to be forgotten);
  • request restriction of data processing;
  • receive a copy of their personal data in a structured format;
  • object to the processing of data;
  • withdraw consent to data processing.
7.2. To exercise their rights, the Client may contact:
  • the owner of the business account with which they interact;
  • the Alina Assist service directly at: privacy@alina-assist.io;
  • the Service coordinator on Telegram: @alina_business_assit (for requests to delete dialogue data).


8. Liability and Guarantees
8.1. We are responsible for maintaining the confidentiality and security of Client data in accordance with applicable law.
8.2. We guarantee that all employees and contractors with access to Client data are bound by non-disclosure obligations.
8.3. In the event of a data protection breach, we undertake to:
  • promptly notify affected Clients and relevant authorities (if required by law);
  • take measures to eliminate the consequences of the breach;
  • conduct an investigation and take steps to prevent similar incidents in the future.


9. Interaction with Business Accounts
9.1. The Client understands and agrees that:
  • their messages are processed by the Alina Assist service on behalf of and at the instruction of the business account;
  • the business account is the data controller with respect to correspondence with the Client;
  • data processing terms may also be governed by the business account’s privacy policy.
9.2. We act as a data processor on behalf of the business account and do not use Client data for our own purposes unrelated to the provision of the service.


10. Amendments to the Offer
10.1. We reserve the right to amend this offer due to changes in legislation or the development of the Service.
10.2. All changes are published in the current version of the document. The Client is deemed to be notified of the changes from the moment of their publication.
10.3. Continued use of the Service after changes are made constitutes the Client’s acceptance of the new terms.


11. Contact Information
11.1. For all questions related to personal data protection, data processing, or the exercise of Client rights, please contact:
Email: privacy@alina-assist.io
Telegram coordinator: @alina_business_assit (for requests to delete dialogue data)
Public offer: https://docs.google.com/document/d/1jZJrXqjfLYzJZqog3GHxDuSx0A__GahynN3s0PGQqww/edit?usp=sharing
11.2. We undertake to review any request within 30 days from the date of its receipt.


12. Final Provisions
12.1. This offer enters into force from the moment the Client begins using the Alina Assist service to interact with business accounts.
12.2. All disputes arising in connection with this offer shall be resolved in accordance with the legislation of Georgia.
12.3. If any provision of this offer is found to be invalid, the remaining provisions shall remain in full force and effect.


Last updated: 12-01-2026
Made on
Tilda