Privacy & Data Rights
Data Deletion Process
You have the right to request complete deletion of your personal data from Amezly's systems. This page explains exactly what gets deleted, what we are legally required to retain, and how to submit your request.
๐
Policy effective: June 10, 2026
๐ฎ๐ณ DPDPA 2023 compliant
โฑ๏ธ Completed within 30 days
30 days
Max deletion time
72 hrs
Confirmation response
100%
Free of charge
DPDPA
2023 compliant
โ๏ธ Your Data Rights
Under India's Digital Personal Data Protection Act, 2023 (DPDPA) and international best practices, you have the right to request erasure of your personal data held by Amezly Technologies. We are committed to honouring these rights fully and transparently.
๐๏ธ
Right to Erasure
Request deletion of all personal data we hold about you. We will permanently erase it from our active systems within 30 days of verification.
๐
Right to Data Portability
Before deletion, you can request a full export of your data in JSON or CSV format. You have 7 days to download your export after it's generated.
โ๏ธ
Right to Correction
If any of your personal data held by Amezly is inaccurate, you can request correction at any time from your Account Settings or by contacting privacy@amezly.com.
๐ซ
Right to Object
You may object to processing of your personal data for direct marketing, profiling, or analytics. We will stop that specific processing within 72 hours of your request.
๐ฎ๐ณ
DPDPA 2023 โ India's Data Protection Law
The Digital Personal Data Protection Act 2023 grants Indian citizens strong data rights. Amezly is fully compliant and will process all deletion requests within the statutory 30-day window. You may also lodge a complaint with the Data Protection Board of India if you believe your rights have been violated.
๐ What Gets Deleted vs Retained
When your deletion request is processed, we permanently erase all personal data from our active systems. However, we are legally required to retain certain records for compliance with Indian tax law, financial regulations, and fraud prevention obligations.
๐๏ธ Permanently Deleted
- โ Your account profile (name, email, phone, photo)
- โ All chatbot conversation logs and transcripts
- โ Lead and contact records in your CRM
- โ Voice call recordings and transcripts
- โ WhatsApp message history
- โ Email campaign data and open/click tracking
- โ Analytics event data linked to your identity
- โ API keys and webhook configurations
- โ Widget configuration and embed settings
- โ Uploaded documents, FAQs, and product catalogues
- โ Team member accounts linked to your organisation
- โ All cookies and session tokens
๐ Legally Retained
- ! Invoice records (7 years โ Income Tax Act 1961)
- ! GST transaction records (7 years โ CGST Act)
- ! Payment confirmation receipts (Razorpay records)
- ! Fraud and abuse prevention logs (anonymised)
- ! Legal dispute records (if a dispute is active)
- ! Regulatory compliance audit trails
- ! Anonymised aggregate analytics (no PII)
All retained records are stored in isolated, access-controlled archives and are not used for any marketing or product purposes. They are deleted as soon as the legal retention period expires.
๐ก
Want your data before deletion?
You can request a full export of your data (JSON + CSV) before submitting a deletion request. Go to Dashboard โ Settings โ Privacy โ Export My Data, or email privacy@amezly.com. Export is ready within 48 hours and available for 7 days.
โฑ๏ธ Deletion Timeline
Here is exactly what happens after you submit a deletion request โ step by step, with committed timeframes at every stage.
๐ฌ
Step 1
Request Received
You submit the deletion request form below, or email privacy@amezly.com. Your request is logged in our privacy management system with a unique reference number.
โก Instant โ auto-confirmation email sent immediately
๐ชช
Step 2
Identity Verification
We verify your identity to prevent fraudulent deletion of others' data. For account holders, we send a verification link to your registered email. For social login users (Google/Facebook), we may ask for an additional confirmation step.
โฑ๏ธ Within 24 hours of submission
๐ก
If you no longer have access to your registered email, contact us at privacy@amezly.com with your organisation name and last invoice number for alternative verification.
๐
Step 3
Data Mapping & Review
Our data protection team maps all personal data associated with your account across every system โ PostgreSQL databases, ClickHouse analytics, file storage, email archives, and backup systems. We check for any active legal holds (ongoing disputes, open invoices) that may affect scope.
โฑ๏ธ Within 7 days of verification
๐๏ธ
Step 4
Active Data Deletion
Personal data is permanently deleted from all active databases, object storage, search indexes, and caches. This includes your account record, conversation logs, CRM data, uploaded files, API keys, and analytics events. Your account is deactivated immediately.
โฑ๏ธ Within 14 days of verification
๐
Deletion from active systems uses cryptographic erasure for encrypted data fields and secure overwrite for file storage โ ensuring data cannot be recovered even from storage media.
๐๏ธ
Step 5
Backup Purge
Your data is flagged for purge in our automated backup rotation cycle. Encrypted backups containing your data are overwritten as part of our standard 30-day backup rotation. New backups created after Step 4 will not contain your personal data.
โฑ๏ธ Within 30 days of deletion request
โ
Step 6
Completion Certificate
We send you a signed Data Deletion Completion Certificate via email โ confirming what was deleted, the date of deletion, and which categories of data were legally retained and why. Keep this for your records.
โฑ๏ธ Within 30 days of request โ by email
๐ Data Categories & Retention Periods
The table below lists every category of personal data Amezly holds, where it is stored, and how quickly it is deleted upon a valid request.
| Data Category | Where Stored | Deletion Timeline | Legal Basis for Retention (if any) |
|---|---|---|---|
| Account profile (name, email, phone) | PostgreSQL โ users table | Immediate | None โ deleted on request |
| Chatbot conversation logs | PostgreSQL โ messages table | Immediate | None โ deleted on request |
| Voice call recordings | Object storage (S3-compatible) | Immediate | None โ deleted on request |
| CRM leads & contacts | PostgreSQL โ leads/contacts tables | Immediate | None โ deleted on request |
| WhatsApp message history | PostgreSQL + MSG91 logs | Within 30 days | MSG91 retention policy (30 days) |
| Analytics events (ClickHouse) | ClickHouse โ events table | Immediate | Aggregate anonymised data retained |
| Email campaign data | PostgreSQL + Stalwart mail | Within 30 days | None โ deleted on request |
| Uploaded files (FAQs, catalogues) | Object storage | Immediate | None โ deleted on request |
| Payment records & invoices | PostgreSQL + Razorpay | 7 years | Income Tax Act 1961 / CGST Act โ mandatory |
| GST invoice data | Accounting system | 7 years | CGST Act 2017 โ statutory requirement |
| Fraud / abuse prevention logs | Isolated security archive | 90 days post-deletion | Fraud prevention โ anonymised after account deletion |
| Backup snapshots | Encrypted backup storage | 30-day rotation | Overwritten in standard backup cycle |
๐ Third-Party Data
Some of your data may also be held by third-party services that Amezly integrates with. Deleting your Amezly account does not automatically delete data from these services โ you may need to contact them separately.
Auto-notified
Razorpay
Payment processor. Holds payment method tokens and transaction records. Razorpay retains financial records for 7 years per RBI regulations.
๐ง support@razorpay.com
Manual request
Google Analytics
Holds anonymised session data associated with your website visits. Use Google's opt-out tool or contact Google directly to request deletion.
๐ GA opt-out tool โ
Manual request
MSG91 (WhatsApp / SMS)
Holds WhatsApp and SMS message logs for up to 30 days. We notify MSG91 of your deletion; they process their own retention separately.
๐ง support@msg91.com
Auto-notified
Vobiz (Voice Calls)
Holds call records and recordings associated with your DID. We notify Vobiz on deletion; call logs are removed from their system within 30 days.
๐ง support@vobiz.in
Manual request
Meta (Facebook / Instagram)
If you connected a Facebook account or used Meta Pixel, Meta may hold activity data. Request deletion directly via Meta's Privacy Centre.
Manual request
OpenRouter / LLM APIs
Conversation messages may be processed via OpenRouter. Per their privacy policy, prompts are not stored beyond the session. No deletion action required.
๐ Submit a Deletion Request
โ ๏ธ
This action is permanent and irreversible
Once your deletion request is verified and processed, your data cannot be recovered. Please ensure you have downloaded any data you need before submitting. You will lose access to your Amezly dashboard immediately upon verification.
๐พ
Export your data first (recommended)
Download all your data before requesting deletion: Dashboard โ Settings โ Privacy โ Export My Data. Your export (JSON + CSV) will be ready within 48 hours and available for 7 days.
๐๏ธ Data Deletion Request Form
Fill in the details below. We will verify your identity and confirm receipt within 72 hours. All fields marked * are required.
โ
Request Submitted
Check your registered email for confirmation and your reference number. We will respond within 72 hours.
Reference: DEL-2026-
๐ง
Prefer to email?
Send your request to privacy@amezly.com with the subject line "Data Deletion Request โ [Your Registered Email]". Include your full name, registered email, and organisation name. We will respond within 72 hours.
๐ฎ What Happens After Deletion
Once your deletion is complete, here is what changes:
- โ Your Amezly dashboard, login, and all access are permanently deactivated. You cannot log back in.
- โ Your AI chatbot widget stops working on your website immediately. The widget will show an offline message or become invisible depending on your configuration.
- โ Any WhatsApp automations and voice agent integrations connected to your account are immediately deactivated.
- โ Your API keys are revoked. Any third-party services calling the Amezly API with your keys will receive 401 Unauthorized errors.
- โ If you were on a paid plan, your subscription is cancelled immediately. No further charges will be made. Unused days in the billing cycle are not refunded (see Refund Policy).
- โ You will receive a Deletion Completion Certificate by email within 30 days confirming what was deleted and the date of deletion.
๐
Changed your mind? You can sign up again.
After deletion, you are free to create a new Amezly account at any time using the same or a different email address. Your previous data will not be restored โ the new account starts fresh. There is no cooling-off period or waiting time.
๐ฌ Contact Our Data Protection Officer
For questions about data deletion, your rights, or the status of an existing deletion request, contact our Data Protection Officer directly. We are committed to responding within 72 hours on working days.
๐ก๏ธ
Contact DPO
Data Protection Officer
Amezly Technologies โ Responsible for all data privacy, deletion, and compliance matters under DPDPA 2023.
๐ง Email: privacy@amezly.com
๐ Subject line: "Data Deletion โ [Your Ref Number]"
๐ Address: Koramangala, Bangalore โ 560034, Karnataka, India
โฑ๏ธ Response SLA: 72 hours (MonโFri, 10 AMโ6 PM IST)
๐
Completion deadline: 30 days from verified request
Read Our Privacy Policy
Data deletion is one part of our privacy commitment. Read our full Privacy Policy to understand how we collect, use, and protect your data.