Privacy Policy

Last Updated: April 11, 2025

1. Introduction

Welcome to GLA Enterprise (“we”, “us”, “our”). This Privacy Policy explains how we collect, use, store, share, and protect information when you (“you”, the “User”) use our WhatsApp chatbot platform services (“Service”), provided to restaurants (“Business Clients”) and used by the end customers of those restaurants (“End Customers”). This policy also applies to our website www.glaenterprise.com

By using our Service, you agree to the data practices described in this policy. If you do not agree, please do not use the Service.

2. Information We Collect

We collect different types of information:

  • Information Provided by our Business Clients (Restaurants):
    • Business name and contact information (administrator’s name, email, phone).
    • Designated operator(s) WhatsApp phone number(s).
    • Menu data (item names, descriptions, prices, availability).
    • Service configuration settings (e.g., order receiving status Yes/No, business hours text).
    • Payment information for bank transfers (e.g., Nequi/bank details, provided for display to End Customers).
    • API Credentials if the Business Client manages their own WhatsApp API connection (WABA ID, Phone Number ID, Access Token).
  • Information Collected from End Customers (Chatbot Users):
    • WhatsApp phone number.
    • Name (from WhatsApp profile or as provided during conversation).
    • Content of messages exchanged with the chatbot (orders, inquiries).
    • Details of placed orders (items, quantities, prices, total, date/time).
    • Delivery address (if applicable for the order).
    • Payment confirmation status for transfers (if applicable; we do NOT directly collect End Customer bank details).
    • Conversation history and state within the chatbot flow.
  • Information Collected Automatically:
    • WhatsApp message metadata (provided by Meta, such as message IDs, timestamps).
    • Technical information about interactions with our Service (server logs for operation, debugging, and security).

3. How We Use Your Information

We use the collected information for the following purposes:

  • To Provide and Operate the Service: Process orders, manage chatbot conversations, send relevant notifications (to End Customers, Business Clients, Operators).
  • To Facilitate Communication: Enable interaction between the End Customer, the chatbot, and the restaurant’s Operator.
  • Configuration and Management: Allow Business Clients to manage their menu, status, operator number, etc., through the provided mechanisms (initially Google Sheets, potentially an admin panel in the future).
  • Support and Maintenance: Diagnose and resolve technical issues.
  • Legal Compliance and Security: Comply with legal obligations and protect the security and integrity of our Service and users.
  • Service Improvement: Analyze usage patterns (using aggregated or anonymized data where possible) to enhance functionality and user experience.
  • Billing and Administration (for Business Clients): Manage the business relationship with the restaurants using the platform.

4. How We Share Your Information

We do not sell or rent personal information. We only share information under the following limited circumstances:

  • With the Specific Restaurant: An End Customer’s order information (including name, number, address if applicable, and order details) is shared with the specific Business Client (Restaurant) from whom the End Customer is ordering, solely for the purpose of fulfilling and managing the order. A restaurant’s configuration information is not shared with other restaurants.
  • With Meta (Facebook/WhatsApp): As we utilize the official WhatsApp Cloud API, message information and necessary metadata transit through Meta’s infrastructure, subject to their own data policies.
  • With Service Providers: We use third-party cloud infrastructure providers (such as Google Cloud Platform for Cloud Run and Firestore) to host our service and store data. These providers are contractually obligated to maintain the security and confidentiality of the information.
  • For Legal Reasons: We may disclose information if required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is reasonably necessary to protect the rights, property, or safety of GLA Enterprise, our users, or the public.  
  • Business Transfers: If GLA Enterprise is involved in a merger, acquisition, or asset sale, user information may be transferred as part of that transaction. We will provide notice as required by law before information is transferred and becomes subject to a different privacy policy.

5. Data Storage and Security

  • We store the information we collect on secure servers provided by Google Cloud Platform (Firestore).
  • We implement reasonable technical and organizational security measures designed to protect the information against unauthorized access, alteration, disclosure, or destruction. However, no internet-based system can be 100% secure.  
  • Configuration information managed via Google Sheets is subject to Google’s security and privacy policies.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, provide our Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods may vary depending on the type of data and the context.  

7. Your Data Rights

Depending on your jurisdiction (e.g., Colombia under Ley 1581 de 2012, GDPR in Europe, CCPA in California), you may have certain rights regarding your personal data, which may include the right to:

  • Access the personal data we hold about you.  
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to legal limitations.
  • Object to or restrict certain types of processing.
  • Lodge a complaint with a relevant data protection authority.

To exercise your rights, please contact us using the information in the “Contact Us” section below. We will need to verify your identity before processing your request. Please note that requests for deletion may be subject to legal or contractual retention requirements.

8. Cookies and Similar Technologies

[If your website uses cookies, add a section here explaining the types of cookies used (e.g., essential, analytical, marketing) and how users can manage their preferences. If you don’t have a website or it doesn’t use cookies, you can state: “Currently, our primary chatbot Service does not use cookies. If we implement a website that uses cookies, this section will be updated.”]

9. Changes to This Privacy Policy  

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website [if applicable] or through other appropriate communication channels. We encourage you to review this policy periodically. The “Last Updated” date at the top indicates when it was last revised.  

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

GLA Enterprise Email: scripts2go.co@gmail.com.