Privacy Policy

Effective Date: 24 April 2026

Last Updated: 24 April 2026

Company: Axova Technologies

Website: www.axova.in

1. Introduction

Axova Technologies ("Axova," "we," "our," or "us") is committed to protecting the privacy, security, and integrity of all data belonging to our users, clients, and their customers. This Privacy Policy explains in detail what information we collect, how we use it, how long we retain it, how we protect it, and the rights you have over your data when using our platform and services.

By accessing or using the Axova platform, website (www.axova.in), or any of our associated services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with any part of this Privacy Policy, you must discontinue use of our services immediately.

This Privacy Policy applies to:

  • Business owners, agencies, franchise operators, and multi-location brands who register for and use an Axova account ("Clients")
  • End customers who interact with businesses through Axova-connected communication channels
  • Visitors to the Axova website at www.axova.in

2. Information We Collect

2.1 Information You Provide Directly

When you register for an Axova account, subscribe to a plan, request a demo, or contact our support team, we may collect the following:

  • Full name and business/organization name
  • Email address and phone number
  • Business address and location details
  • Billing and subscription information (processed through secure, PCI-DSS compliant third-party payment gateways — Axova does not store card numbers or banking credentials directly)
  • Communication preferences, account configurations, and workflow settings you establish

2.2 Information Collected Through Platform Integrations

When you connect third-party platforms and communication channels to your Axova account, we access only the specific data required to deliver the services you have configured and explicitly authorized. These integrations currently include:

  • Google Business Profile (for profile management, review monitoring, and post scheduling)
  • WhatsApp Business via Meta (for AI-assisted customer communication and lead capture)
  • Facebook Pages (for message management and engagement)
  • Instagram Business Accounts (for message and comment management)
  • YouTube (for engagement tracking and comment monitoring)

* We do not access any third-party integration beyond the precise scope of the permissions you explicitly grant at the time of connection.

3. Google Business Profile Data — What We Access and Why

This section is specific to our Google Business Profile integration and is provided in full transparency in accordance with Google's API Services User Data Policy.

When a Client connects a Google Business Profile to Axova, we access the following categories of data exclusively with the Client's explicit prior authorization through Google's official OAuth 2.0 consent flow:

Data Accessed Purpose
Business name, address, phone number, hours of operation, business categories To display and support management of profile information within your Axova dashboard
Business profile photos and media content To support profile completeness and enable scheduled media updates where the Client has configured this feature
Customer reviews and aggregate ratings To display reviews in your unified dashboard and assist your team in monitoring customer feedback
Review response drafts and published responses To help your team draft review responses and publish them only when you or your authorized team members have reviewed and approved the workflow
Google Posts and business updates To allow scheduling and publishing of Google Business Profile posts based entirely on content you provide and settings you configure
Questions and Answers (Q&A) content To display customer questions and help your team prepare and manage responses
Business insights and engagement analytics To display customer interaction metrics and performance data within your Axova reporting dashboard
Location data and service area information To support management of single locations or multiple authorized locations in agency and franchise accounts

Important Clarifications on Google Data Access

  • We access Google Business Profile data exclusively for profiles that the Client owns or has been explicitly authorized by the verified profile owner to manage.
  • We do not scrape, collect, or store data from any Google Business Profile that is not directly and voluntarily connected to your Axova account by you.
  • We do not use Google Business Profile data for advertising, profiling, or any purpose beyond the direct delivery of features you have activated.
  • We do not share Google Business Profile data with any third party except as required to operate the specific features you have configured.
  • We access Google user data only as described in this Privacy Policy and in accordance with Google's Limited Use Policy requirements.

4. Google Business Profile Data — Retention Policy

We apply strict, time-limited data retention rules to all Google Business Profile data accessed through our platform:

Data Category Retention Period
Business profile information (name, address, hours, categories) Retained while your Axova account is active; permanently deleted within 30 days of account termination or Google profile disconnection
Customer review content and published responses Retained while your account is active for dashboard display; permanently deleted within 30 days of disconnection
Scheduled and published Google Posts Retained while your account is active; permanently deleted within 30 days of account termination
Analytics, insights, and engagement data Retained in aggregated form for up to 12 months; raw data permanently deleted within 30 days of disconnection
OAuth authorization tokens and access credentials Deleted immediately and permanently upon disconnection or revocation of access
Temporarily cached profile data Cached for a maximum of 24 hours solely for platform performance optimization; never retained beyond this window
Workflow configurations referencing Google profiles Deleted within 30 days of account closure or profile disconnection

We never retain Google Business Profile data beyond what is operationally necessary for the active, authorized delivery of services you have configured. Data is not stored, mined, or repurposed for any commercial use beyond your direct service.

5. How You Can Revoke Access and Disconnect

You retain full and immediate control over all permissions and data you have granted to Axova. You may revoke access at any time using any of the following methods:

Method 1

Through Your Axova Dashboard (Immediate)

  1. Log in to your account at www.axova.in
  2. Go to Settings → Connected Accounts
  3. Select Google Business Profile
  4. Click Disconnect or Revoke Access
  5. Your OAuth authorization token is immediately invalidated and your Google profile data is queued for permanent deletion
Method 2

Through Google Account Security Settings (Immediate)

  1. Visit myaccount.google.com
  2. Navigate to Security → Third-party apps with account access
  3. Locate Axova in the list of connected applications
  4. Click Remove Access
  5. This immediately revokes all Axova permissions to your Google Business Profile at the Google level
Method 3

By Contacting Axova Support (Within 7 Business Days)

Send an email to info@axova.in with the subject line:
"Revoke Google Access — [Your Registered Account Email]"

We will process your revocation and confirm permanent deletion of all associated Google Business Profile data from our systems within 7 business days of receiving your request.

What Happens After Disconnection:

  • Your Google OAuth token is permanently and immediately deleted
  • All cached Google profile data is removed within 24 hours
  • All stored review, post, analytics, and profile data is permanently deleted within 30 days
  • You regain exclusive and complete control of your Google Business Profile immediately
  • No residual data from your Google profile is retained by Axova after the deletion window

6. Security & Governance

The security of your data and third-party credentials is a core operational priority at Axova. The following technical and organizational measures are in place:

OAuth 2.0 Protocol

Axova uses Google's official OAuth 2.0 authorization protocol for all Google Business Profile connections. This means:

  • We never request, store, or handle your Google account username or password at any point
  • Access is granted exclusively through a secure, time-limited, scoped authorization token issued directly by Google
  • Authorization tokens are encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher
  • We request only the minimum OAuth scopes necessary for the specific features you enable — no additional permissions are requested

Incident Response

  • In the event of a confirmed data breach or security incident affecting client data, we will notify affected Clients within 72 hours of our becoming aware of the incident
  • We maintain a documented incident response and business continuity plan that is reviewed regularly

Access Controls

  • Access to client data within Axova is restricted to authorized personnel with a documented operational need
  • Role-based access controls (RBAC) are enforced across all internal systems
  • All internal access to client data is logged and subject to regular security audit
  • Employee access to production data is reviewed and certified on a periodic basis

Data Encryption

  • All data in transit between your browser or device and Axova servers is protected by TLS 1.2 or higher encryption
  • All data stored on Axova servers including tokens, profile data, customer records, and workflow configurations is encrypted at rest using AES-256 encryption
  • Payment data is processed by PCI-DSS compliant third-party payment processors; Axova does not store, log, or transmit card numbers or banking credentials

7. Third-Party Sharing

Axova works with a limited number of trusted third-party service providers to operate our platform. We may share limited data with these providers strictly for operational purposes, including:

  • Cloud infrastructure and hosting providers (for platform hosting and data storage)
  • Payment processing partners (for subscription billing)
  • Customer support software providers (for support ticket management)
  • Internal analytics tools (for platform performance monitoring and product improvement)

All third-party providers are:

  • Bound by written data processing agreements
  • Prohibited from using your data for their own commercial purposes
  • Required to maintain appropriate security standards

We do not share Google Business Profile data with any third party outside of the operational scope of services you have explicitly configured and authorized. We do not sell, rent, or trade any client data or end-customer data for marketing, advertising, or any commercial purpose.

8. Your Data Rights

Depending on your applicable jurisdiction, you may have the following rights regarding your personal and business data held by Axova:

  • Right to Access: Request a full copy of the personal and business data we hold about you and your connected accounts
  • Right to Correction: Request correction of any inaccurate or incomplete data we hold
  • Right to Deletion: Request permanent deletion of your personal data and all associated Google Business Profile data from our systems
  • Right to Data Portability: Request a copy of your data in a commonly used, machine-readable format
  • Right to Restriction of Processing: Request that we pause or limit processing of your data in specific circumstances
  • Right to Object: Object to certain types of data processing including automated decision-making

To exercise any of these rights, please send an email to:
info@axova.in
Subject line: "Data Rights Request — [Your Full Name / Account Email]"
We will acknowledge your request within 5 business days and respond fully within 30 days.

9. Cookies & Tracking

The Axova website uses the following categories of cookies:

  • Strictly Necessary Cookies: Required for core platform functionality, authentication, and session management. These cannot be disabled.
  • Performance Cookies: Used to monitor platform performance and diagnose technical issues. No personal data is shared externally.
  • Preference Cookies: Used to remember your settings and configurations within the platform.

We do not use third-party advertising cookies, behavioral tracking cookies, or retargeting cookies without your explicit consent. You may manage cookie preferences through your browser settings at any time.

10. Children's Privacy

Axova is a business-to-business software platform designed exclusively for use by adults and registered business entities. We do not knowingly collect, process, or store personal data from individuals under the age of 18. If you have reason to believe we have inadvertently collected data from a minor, please contact us immediately at info@axova.in and we will take prompt action to delete the data.

11. Policy Changes

We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, legal obligations, or platform capabilities. When material changes are made, we will:

  • Update the "Last Updated" date at the top of this page
  • Send an email notification to all active Clients at least 14 days before the changes take effect
  • Display a prominent notice within the Axova platform dashboard

Your continued use of the Axova platform after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms. If you do not agree with the changes, you must discontinue use of the platform and may request deletion of your data.

12. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising from or related to this Privacy Policy shall be subject to the exclusive jurisdiction of the High Court of Judicature at Rajasthan, Jaipur Bench, Jaipur, Rajasthan, India.

13. Contact Us

For privacy requests, revocation, or concerns, our compliance team is available Monday to Saturday, 10 AM – 6 PM IST.

Axova Technologies
Jaipur, Rajasthan, India
Email: info@axova.in
Website: www.axova.in
Support Hours: Monday to Saturday, 10:00 AM – 6:00 PM IST