Privacy Policy
This policy reflects how GlowBot handles data. It is a working draft and should be reviewed by qualified counsel in Vietnam before being relied on as a binding agreement.
1. Who we are and what this policy covers
GlowBot provides an outsourced AI patient-success service for beauty and aesthetic clinics in Vietnam. We operate on a clinic's existing Zalo Official Account and Facebook Page to answer inbound messages, book appointments, and run patient-lifecycle follow-up.
This policy explains how we handle personal data for clinic users (owners and staff who log in to the dashboard) and customers (individuals who message a clinic through a channel GlowBot operates on that clinic's behalf).
Our role. For customer data, each clinic is the data controller and GlowBot is a data processor acting on the clinic's instructions. For clinic account data, GlowBot is the controller. We never use one clinic's data for another clinic, and we never sell personal data.
2. Data we collect
Clinic account data. Name, email, role, language preference, hashed login credentials, and session activity for dashboard users.
Channel and customer data. When a customer messages a connected Zalo OA or Facebook Page: message content, the platform-provided sender identifier and display name, timestamps, and any details the customer shares.
Clinic operational data. Information a clinic enters to run the service: treatments, pricing, promotions, staff and equipment profiles, FAQs, appointments, and patient records the clinic chooses to add.
Technical and usage data. Logs needed to run and secure the service, including IP address, request metadata, and an audit trail of sensitive actions.
Encrypted channel credentials. Access and refresh tokens for a clinic's Zalo OA and Facebook Page, stored encrypted and never shown to dashboard users.
3. How we use data
- Operate the service: answer messages, qualify inquiries, book appointments, and run lifecycle follow-up.
- Generate AI replies (see Section 5).
- Attribute bookings under transparent, inspectable rules and prepare billing.
- Provide the dashboard, support, security monitoring, and audit logging.
- Comply with law and enforce our terms.
We do not use personal data for cross-clinic analytics, profiling across clinics, or advertising.
4. Legal bases
Where applicable law requires a legal basis, we rely on performance of our contract with the clinic, the clinic's and customers' consent for messaging on the relevant channel, and our legitimate interests in operating and securing the service in a way that does not override individual rights.
5. AI processing
GlowBot uses Anthropic's Claude models to generate conversational replies and lifecycle messages. Relevant conversation context and clinic knowledge are sent to Anthropic's API to produce a response. Under Anthropic's commercial API terms, this content is not used to train Anthropic's models. AI output is generated automatically, and clinic staff can take over any conversation at any time.
6. Sharing and subprocessors
We share personal data only with service providers that help us run GlowBot, under contract and only as needed:
| Subprocessor | Purpose | Region |
|---|---|---|
| Anthropic | AI model processing (Claude API) | United States |
| Supabase | Database, authentication, storage | Singapore |
| Railway | Application hosting | United States / regional |
| Zalo (VNG) | Messaging and ZNS on the clinic OA | Vietnam |
| Meta Platforms | Facebook Page messaging | United States / regional |
We also disclose data where required by law or to protect rights and safety. We do not sell personal data, and we do not share data between clinics.
7. Data isolation and security
- Per-clinic isolation. Every record is stored with a clinic ID, and every request is checked against the logged-in clinic before any data is returned. Isolation is enforced in our application code on every request and fails closed.
- Encryption. Channel tokens are encrypted at rest with AES-256-GCM. Traffic is served over HTTPS.
- Access control. Dashboard access is per-user and clinic-scoped, with owner-only controls for settings, user management, exports, and deletion.
- Restricted support access. Human support access uses a restricted role, is time-boxed and granted by the clinic, and is recorded in the audit log.
- Audit logging. Sensitive actions are logged and visible to clinic owners in the dashboard.
8. Data retention
We retain clinic and customer data for as long as the clinic uses the service. A clinic can request deletion at any time. On a deletion request we schedule a full cascade delete after a short grace period (currently 48 hours) during which the clinic can cancel. After deletion, residual copies may persist briefly in encrypted backups before expiring on their normal cycle.
9. Your rights and choices
Clinic owners can export all of their clinic's data at any time and delete their account and data from the dashboard. Clinics and individuals may also request access, correction, or deletion by contacting us (Section 14). Because GlowBot processes customer data on behalf of clinics, customer requests are generally directed to, and fulfilled by, the clinic, and we assist the clinic in responding.
10. International transfers
Data may be processed outside Vietnam by the subprocessors listed in Section 6 (for example database hosting in Singapore and AI processing in the United States). We rely on appropriate safeguards and the protections in our agreements with those providers.
11. Customers messaging a clinic
If you message a clinic that uses GlowBot, you are interacting with that clinic's own Zalo OA or Facebook Page. Some replies may be generated by GlowBot's AI on the clinic's behalf. The clinic decides what data to keep and is your primary point of contact for privacy requests about your conversation.
12. Children
GlowBot is a business service for clinics and is not directed to children. Clinics are responsible for handling any data relating to minors in line with applicable law and parental-consent requirements.
13. Changes to this policy
We may update this policy as the service or the law changes, and will post the updated version with a new last-updated date.
14. Contact
Questions or requests about this policy: hello@glowbot.vn.