1. Who we are
Halaqa ("we", "us", "our") is a Qatar-based AI receptionist service operated by Nasser Al-Solaitti (Commercial Registration #332887). We provide WhatsApp AI receptionist services for healthcare clinics, dental clinics, salons, and small businesses in Qatar and the GCC.
Our registered address is Doha, Qatar. We can be reached at [email protected] or via WhatsApp at +974 3399 6338.
2. What data we collect
When you use Halaqa (as a business owner) or interact with a Halaqa-powered WhatsApp account (as a customer of that business), we collect different types of data.
Data collected from business owners (you):
- Contact information: name, email address, phone number, business name
- Business configuration: services offered, pricing, working hours, staff Telegram handles
- Payment and billing information (processed by our payment provider, not stored by us)
- Meta WhatsApp Business API credentials (stored encrypted, used only for message delivery)
Data collected from customers of our business clients:
Important: The business (our client) is the data controller for their customers' data. We act as a data processor — we process this data only on the business's instructions to deliver the Halaqa AI receptionist service. We do not own or sell this data.
- WhatsApp messages sent by the customer to the business's WhatsApp Business number
- Appointment booking information: requested service, date/time, customer name (if provided), phone number
- Reminder delivery status (sent, delivered, read receipts — where available)
- Conversation metadata: timestamp, session ID, language detected
We do not collect the content of voice messages or media files shared by customers.
3. How we use your data
We use collected data for the following purposes:
- Delivering the AI receptionist service: routing messages, generating AI responses, confirming appointments, sending reminders
- Improvement: monitoring service quality, identifying errors, improving response accuracy (done on anonymized or aggregated data where possible)
- Support: responding to your support requests, troubleshooting issues
- Billing: generating invoices, processing subscription payments
- Security: detecting and preventing abuse, fraud, or unauthorized access
- Legal compliance: complying with Qatar law, responding to valid legal requests
We do not use customer conversation content for training AI models without explicit consent.
4. Who we share data with
We share data only in the following circumstances:
- Meta / WhatsApp: messages are delivered via the official WhatsApp Business API. Meta's own privacy policy applies to data handled by their systems.
- Telegram: urgent escalations are routed to your designated staff via Telegram bot message.
- Sub-processors: we use cloud infrastructure providers (servers in Qatar/region) for data storage and processing. All sub-processors are contractually bound to data protection obligations.
- Legal obligations: we will share data if required by Qatar law, court order, or government authority.
We do not sell, rent, or otherwise share your data with third parties for marketing purposes.
5. Data retention
Data retention periods:
- Business owner account data: retained while your account is active and for 12 months after account closure for legal and tax compliance purposes.
- Customer conversation data: retained for 90 days from the conversation date by default (businesses on the Pro and Elite plans can customize this to 30, 90, 180, or 365 days).
- Appointment records: retained for the duration of the booking + 30 days, or longer if required for dispute resolution.
- Support logs: retained for 12 months.
After the retention period, data is securely deleted or anonymized.
6. Your rights under Qatar's PDPL
Qatar's Personal Data Privacy Protection Law (Law No. 13 of 2016) grants individuals the following rights regarding their personal data:
- Right to access: individuals can request a copy of their personal data held by us
- Right to correction: individuals can request correction of inaccurate personal data
- Right to deletion: individuals can request deletion of their personal data ("right to be forgotten"), subject to legal retention requirements
- Right to object: individuals can object to processing in certain circumstances
- Right to data portability: where applicable, individuals can request their data in a machine-readable format
To exercise any of these rights, contact us at [email protected] with the subject line "PDPL Rights Request". We will respond within 30 days.
If you are a customer of one of our business clients and wish to exercise rights over your data that is held by that business, please contact that business directly. We cannot respond to data subject requests from individuals who are not our direct customers.
7. Cookies
Our website (halaqa.co) uses minimal cookies:
- Essential cookies: required for the website to function (e.g., language preference). No consent required.
- Analytics: we use privacy-friendly analytics (SearXNG-hosted, no tracking cookies). No personal data is stored.
We do not use advertising cookies or third-party tracking cookies.
8. Children's data
Halaqa's services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will promptly delete it.
9. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify business owners of material changes via email and by posting the updated policy on this page with a revised "Last reviewed" date.
Continued use of Halaqa after changes take effect constitutes acceptance of the revised policy.