What is Dunefox AI chatbot?

Dunefox is an AI-powered chatbot platform that works on your website and WhatsApp to automate customer engagement, lead capture, and appointment booking 24/7. We specialize in solutions for real estate, professional services, education, and hospitality businesses in India.

Does Dunefox support Indian languages?

Yes, Dunefox supports 10+ Indian languages including Hindi, Marathi, Tamil, Telugu, Kannada, Malayalam, Gujarati, Bengali, and more. This helps you engage customers across Tier-2 and Tier-3 cities.

Can Dunefox integrate with my existing CRM?

Yes, Dunefox integrates with popular CRMs including Salesforce, HubSpot, Zoho, and industry-specific platforms like 99acres (real estate), MagicBricks, and custom systems via API.

Which industries does Dunefox serve?

Dunefox specializes in four key industries: Real Estate (agents & brokers), Professional Services (consultants, legal, accounting), Education (coaching institutes & edtech), and Hospitality (hotels, resorts, wellness centers).

Is there a free trial available?

Yes, Dunefox offers a free trial so you can test the platform before committing. No credit card required to start your trial.

Dunefox | AI Agentic Customer Support

Introduction

Welcome to Dunefox ("we," "us," "our"). We, at Sucetas Technologies Pvt. Ltd., are the creators and operators of the Dunefox platform. Our mission is to provide powerful, AI-driven chatbot solutions for websites and WhatsApp to help businesses enhance customer engagement and streamline communication.

This Privacy Policy outlines our commitment to protecting the privacy of our clients ("you," "your," "Business") and your end-users. It describes how we collect, use, store, share, and protect information when you use our website, dunefox.io (the "Site"), and our suite of chatbot services (the "Services").

We understand that the data you entrust us with is sensitive and critical to your operations. Therefore, we have designed our platform and this policy with a "privacy-first" and "consent-first" approach, adhering to global data protection regulations, including India's Digital Personal Data Protection Act, 2023 (DPDP Act) and the General Data Protection Regulation (GDPR) of the European Union.

Plain-language summary

In simple terms:

We provide AI chatbot services for businesses
We protect your data and your customers' data with strong security measures
We follow privacy laws like India's DPDP Act and Europe's GDPR
You control your data and can request its deletion at any time
We don't sell your personal information to third parties
We're transparent about how we use your data

1. Scope and Applicability

This policy applies to information we collect from:

Clients (Data Fiduciaries/Controllers): Businesses or individuals who register for an account, purchase our Services, and configure chatbots.
Website Visitors: Individuals who visit our Site, dunefox.io, and may interact with forms or our own chatbot.
End-Users (Data Principals/Subjects): Individuals who interact with a Dunefox-powered chatbot implemented on our Clients' websites or WhatsApp channels.

2. Data Processing Agreement (DPA)

By utilizing our Services, you agree to the terms of a separate Data Processing Agreement (DPA), which is incorporated by reference into our Terms of Service. The DPA legally governs the relationship between you (the Data Fiduciary/Controller) and us (the Data Processor) for the processing of End-User Personal Data, ensuring that such processing is conducted strictly in accordance with your documented instructions and applicable data protection laws, including DPDP and GDPR.

3. Information We Collect

A. Information You Provide Directly to Us (Client Data):

Account & Contact Information: Name, business name, email address, phone number, and physical address.
Billing Information: Payment details, securely processed by our third-party payment processors.
Configuration Data: Credentials and settings for integration, including WhatsApp Business Account details.
Business Knowledge Base Data: Business-specific data for RAG including uploaded documents and website URLs.
Communications: Records of correspondence for support or inquiries.

B. Information Collected via End-User Interaction:

Chat Interaction Data: Transcripts of conversations, messages, timestamps, and language preferences.
End-User Identifiers: Phone numbers or platform-specific IDs required by messaging services.
Metadata: Data related to conversation flow and model performance.

C. Information We Collect Automatically:

Log and Usage Data: IP address, browser type, operating system, referring pages, device information.
Cookies and Similar Technologies: Used to operate, administer, and improve your experience.

4. Cookies and Tracking Technologies

Cookie Type	Purpose	Consent Required
Strictly Necessary	Essential for site functionality, such as user authentication and security.	No (Implicit/Legitimate Interest)
Performance/Analytics	Aggregated and anonymized data to analyze Site usage and improve functionality.	Yes
Functionality	Remember choices (e.g., language, auto-login preferences) to personalize your experience.	Yes
Marketing	Track online activity for targeted advertising.	Yes

5. How We Use Your Information

Data Type	Purpose of Processing	Legal Basis (GDPR/DPDP)
Client Data (Account & Billing)	To set up your account, process payments, and provide customer support.	Contractual Necessity
Client Data (Training Data)	To exclusively train and operate your custom AI chatbot using RAG.	Consent & Contractual Necessity
Usage Data & Analytics	To monitor service health, debug issues, and improve platform functionality.	Legitimate Interests
Communication	To send service-related announcements and, with consent, marketing.	Legitimate Interests & Consent

6. Data Security and Breach Notification

We take the security of your data very seriously and implement a multi-layered security strategy:

Infrastructure: Hosted on AWS or GCP with robust physical and network security.
Data Encryption: All data is encrypted In Transit (TLS 1.2+) and At Rest (AES-256).
Access Control: Secure authentication (OAuth 2.0, optional 2FA) and Role-Based Access Control (RBAC).
Tenant Architecture: Your data is logically and/or physically segregated from other clients' data.
Compliance Goals: Commitment to achieving ISO/IEC 27001:2022 and SOC 2 Type II certifications.
Data Breach Notification: We will notify affected clients within 72 hours of becoming aware of a breach.

7. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in these limited circumstances:

Service Providers: Third-party vendors who process data strictly on our instructions.
Affiliates: Companies within the Sucetas Technologies family for operational purposes.
Legal Compliance: To comply with laws, regulations, or governmental requests.
Business Transfers: In the event of a merger, acquisition, or sale of assets.

8. Data Retention

Training Data: Permanently deleted within 90 days after account termination.
End-User Chat Data: Retained for the duration of the Client contract and deleted within 90 days after termination.

9. Your Data Protection Rights

Right (DPDP/GDPR)	Description
Right to Access	Request a copy of the personal data we hold about you.
Right to Rectification	Request correction of inaccurate or incomplete personal data.
Right to Erasure	Request the deletion of your personal data ("Right to be Forgotten").
Right to Restrict Processing	Request that we restrict the processing of your personal data.
Right to Object	Object to our processing of your personal data based on legitimate interests.
Right to Data Portability	Request transfer of your data to another organization.
Right to Withdraw Consent	Withdraw your consent at any time where processing is based on consent.
Right to Grievance Redressal	File a complaint with us or escalate to the relevant Supervisory Authority.

10. International Data Transfers

Transfers from EEA/UK: Based on Standard Contractual Clauses (SCCs) or UK's International Data Transfer Agreement (IDTA).
Transfers from India: Allowed to any country not restricted by the Central Government, fully compliant with DPDP Act.

11. Children's Privacy

Our Services are not directed to individuals under 18 years of age.
We do not knowingly collect personal data from children.
If we become aware of processing children's data without parental consent, we will delete it immediately.
We prohibit tracking, behavioral monitoring, or targeted advertising directed at children.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will also notify you through email or a prominent notice on our Service.

13. Contact Us and Grievance Redressal

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our dedicated Data Protection Officer (DPO):

Sucetas Technologies Pvt. Ltd. (Dunefox)

Attn: Data Protection Officer : Sunny Vishnu Dhakane

Pune, Maharashtra

India

Email for Privacy/DPO Inquiries: privacy@dunefox.io

General Contact: contact@dunefox.io

Phone: 8329687438