Last updated: 19 June 2026
This Privacy Policy explains how Madyis Hub ("we", "us", the "Service") collects, uses, shares and protects personal data when you use our website, dashboard and related services. By using Madyis Hub, you agree to this policy.
Madyis Hub is an omnichannel customer-support platform that lets businesses centralize their customer conversations and deploy AI assistants. The Service is operated by MADYIS SOFTWARE – FZCO (IFZA license 68869, Dubai, United Arab Emirates). For any question about this policy or your data, contact us at contact@madyishub.io. See also our Legal notice.
If you connect a Facebook Page, Instagram account, Messenger or WhatsApp number, we access only the data needed to deliver messaging features — your Pages list, and the messages and basic profile information of people who contact you. This data is used solely to display and manage those conversations inside your Madyis Hub inbox. We do not sell it, and we do not use it for advertising. Access can be revoked at any time by disconnecting the channel in your settings or in your Meta account settings.
If you connect a Shopify store, Madyis Hub accesses your store's customer and order information (specifically the read_customers, read_orders and read_fulfillments scopes) for the sole purpose of displaying the relevant customer's order history to your support agents inside the conversation, so they can answer customer questions on your behalf. This information is retrieved live from Shopify on demand and is not stored on our servers; we only keep your store domain and an access token required to make those requests. That access token is removed when you disconnect the integration or when Shopify notifies us that your shop's data must be redacted. We never sell this data and never use it for advertising or automated decision-making. You can revoke access at any time by disconnecting the integration in your settings or by uninstalling the app from your Shopify admin. The same principles apply to other e-commerce integrations you may connect (e.g. WooCommerce).
Madyis Hub offers two optional, opt-in Google integrations. Neither is enabled by default; we access Google user data only after you explicitly connect your Google account and approve the requested scopes on Google's own consent screen.
calendar.events scope) — we read your calendar's busy/free times to compute available appointment slots, and create an event on your behalf (with a Google Meet link and an email invitation) when an appointment is booked. We do not access calendar data beyond what is needed to determine availability and to create the appointment you requested.business.manage scope) — we read the reviews of the business location you choose and publish replies to them on your behalf, with your authorization. Replies can be drafted by AI for your approval.We also use the basic openid and email scopes solely to display which Google account is connected.
These two integrations are the only Google services Madyis Hub connects to. We do not access Gmail, Google Drive, Google Contacts, Google Photos, or any other Google data unrelated to the features described above.
How we use Google user data. Notwithstanding the general purposes described in section 3, Google user data is used only to provide and improve the user-facing features described above (Google Calendar appointment booking and Google Business Profile review replies). We do not use Google user data for any other purpose: it is never used to develop, improve or train generalized artificial-intelligence or machine-learning models, never used for advertising, and never sold. No human reads Google user data except where it is necessary to operate the feature you enabled, to comply with applicable law, to ensure security and prevent abuse, or where you have given your explicit consent.
With whom we share, transfer or disclose Google user data. We do not sell Google user data and do not share, transfer or disclose it to any third party, except the limited sub-processors strictly necessary to operate the feature you enabled: our cloud hosting provider (servers located in the European Union), which stores the data on our behalf; and our AI provider (OpenAI), which receives Google data only as needed to power the assistant — for the Google Business Profile reviews feature, the review content (the reviewer's name, star rating and text), in order to draft a suggested reply; and, for the Google Calendar feature, when our AI assistant helps a customer schedule, the computed availability time-slots derived from your calendar's busy/free data (start and end times only — never raw event titles, attendees or descriptions) so it can propose appointment times. OpenAI is contractually bound to use this data solely to provide that service to us and not to train its models on it. We never share Google user data for advertising, never sell it, and never transfer it to data brokers or for any purpose unrelated to the user-facing features described above.
How we protect Google user data. Google user data — including the OAuth access and refresh tokens — is encrypted in transit (TLS/HTTPS) and is kept in restricted, access-controlled storage on servers located in the European Union, accessible only to the limited personnel and systems required to operate the feature. Cached Google Business Profile review content is automatically deleted after at most 30 days. When you disconnect an integration or delete your account, we delete the associated Google user data and the stored OAuth tokens, and revoke the tokens with Google. You can also revoke Madyis Hub's access at any time from your Google Account at myaccount.google.com/connections.
Limited Use. Madyis Hub's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
A fuller description of the Google Business Profile integration is available on our Google data usage page.
We rely on trusted providers who process data on our behalf, including: OpenAI (AI-generated replies, including suggested replies to Google reviews), Stripe (payments), Resend (transactional email), Meta (social messaging integrations) and our cloud hosting provider (data storage, located in the European Union). Each is bound by data-protection terms and may use the data only to provide its service to us. The specific sub-processors that may receive Google user data are listed in section 6.
We protect personal data — and in particular sensitive data such as Google user data, OAuth tokens, authentication credentials and message content — with technical and organizational measures, including: encryption in transit (TLS/HTTPS) for all data, hashed passwords, OAuth tokens kept in restricted, access-controlled storage, role-based access controls that limit access to authorized personnel only, hosting on access-controlled infrastructure located in the European Union, and regular security review of our code. No method of transmission or storage is perfectly secure, but we use industry-standard safeguards to protect your data.
We keep personal data for as long as your account is active or as needed to provide the Service, then delete or anonymize it within a reasonable period, unless a longer retention is required by law. Cached Google Business Profile review content is deleted after at most 30 days. Data accessed through connected stores (such as Shopify) is fetched on demand and not retained beyond the live request.
Subject to applicable law (including the GDPR), you may request access to, correction of, deletion of, or a copy of your personal data, and object to or restrict certain processing. To exercise these rights, contact contact@madyishub.io.
You can request deletion of your data — including data obtained through Google, Meta or Shopify — at any time by emailing contact@madyishub.io with the subject "Data deletion request", or by deleting your account from the dashboard. We will process verified requests within 30 days.
We use essential cookies to keep you signed in and to remember preferences (such as language). We do not use third-party advertising cookies.
Where data is transferred outside your country, we use appropriate safeguards (such as standard contractual clauses) to protect it.
We may update this policy from time to time. Material changes will be announced on this page with a new "Last updated" date.
Questions? Email contact@madyishub.io.