📋 In short
We collect your data only to operate Answify and improve your experience. We never sell it to third parties. Your data is stored in Europe, encrypted, and you can delete it at any time.
This notice applies to the processing of personal data of the User (if a natural person) or the User's representative who uses the application on their behalf. It complies with the GDPR (EU 2016/679) and the Belgian Data Protection Act of July 30, 2018.
Data Controller
The data controller is:
Registered office: (pending registration)
Crossroads Bank for Enterprises: (pending)
Email: contact@answify.com
For any questions regarding your data, you can contact us by mail at the address above or by email.
Collected Data
3.1 Data provided directly
- Identification data: first name, last name
- Contact data: address, email, phone number
- Meta account data: profile picture, Instagram and/or Facebook account name
- Facebook/Instagram activity: received messages, comments, posts
- Financial/billing data: account number, VAT number (processed via the app store)
- AI Profile: brand description, tone, products, custom templates
3.2 Data collected automatically
- Usage data: visited pages, used features, session duration
- Technical data: IP address, browser, operating system, device identifier
- Cookies: detailed in section 10
3.3 Third-party data processed on your behalf (Input Data)
Answify acts as a data processor for the data of individuals who send you messages or post comments on your Meta pages:
- Identification data (first name, last name) and Facebook/Instagram profile picture
- Questions, opinions, and content of messages/posts
- Metadata (date, time, reactions to the message/post)
Purposes and Legal Basis
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing the Service — ensuring proper execution of Services, enabling communication | Art. 6.1.b — Performance of a contract |
| Payment — billing and payment processing | Art. 6.1.b — Performance of a contract |
| Accounting and taxation — Belgian legal obligations | Art. 6.1.c — Legal obligation |
| Defense of legal interests — in case of a dispute | Art. 6.1.f — Legitimate interest |
| Platform security — preventing fraud and unauthorized access | Art. 6.1.f — Legitimate interest |
| Service improvement — aggregated and anonymized analytics | Art. 6.1.a — Consent or Art. 6.1.f — Legitimate interest |
Data Recipients
To the extent necessary for the above purposes, data may be communicated to the following categories of third parties:
| Category | Examples |
|---|---|
| IT Providers | Hosting (AWS Frankfurt), AI (OpenAI/Anthropic), transactional emails, monitoring |
| Payment Providers | Apple App Store, Google Play Store |
| Legal Advisors | Lawyers, bailiffs (in case of dispute) |
| Tax & Social Authorities | Belgian tax administration, social security |
| Accountants | External accounting manager |
| Meta Platforms | Instagram, Facebook — access via official APIs |
Each IT provider is bound by a Data Processing Agreement (DPA) compliant with the GDPR.
Non-EU Data Transfers
Data may be transferred outside the EEA in two cases:
- Countries subject to an adequacy decision by the European Commission
- Countries without an adequacy decision — framed by Standard Contractual Clauses (SCCs) adopted by the European Commission, supplemented by additional measures if necessary
Data Retention
- Active account data: for the entire duration of the contract
- After contract termination: 10 years (Belgian accounting legal obligation)
- In case of dispute: as long as necessary to defend Answify's interests
- Unconverted free trial: deletion within the month following expiration
- Account deletion: deletion of Input Data within a reasonable time, except for legal obligations
- Analytical cookies: maximum 13 months
Your Rights
In accordance with the GDPR, you have the following rights, exercisable at contact@answify.com:
🔍 Right of access (Art. 15)
Obtain a copy of your data and information on its processing, as well as transfer to a third party (portability).
✏️ Right to rectification (Art. 16)
Correct inaccurate or incomplete data.
🗑️ Right to erasure (Art. 17)
Request the deletion of your data, subject to our legal obligations. Account deletion is possible directly within the app.
🚫 Right to object (Art. 21)
Object to processing based on legitimate interest, especially for direct marketing.
⚖️ Right to lodge a complaint with a supervisory authority
Rue de la Presse, 35 — 1000 Brussels · Tel: +32 2 274 48 00
contact@apd-gba.be · dataprotectionauthority.be
Meta Data — Instagram & Facebook
This section specifies the conditions of data access via official Meta APIs, in accordance with Meta Business verification requirements.
9.1 Data accessible via Meta API
- Messages received in your Instagram Direct and Facebook Messenger inbox
- Public comments on your Facebook and/or Instagram posts
- Basic profile information of your contacts (display name, public avatar)
- Message metadata (date, time, conversation ID)
9.2 What we do NOT access
- News feed or personal posts
- Friend or follower lists
- Advertising data or Meta pixels
- Any data not necessary for the Messaging Service
9.3 Use of Meta data
Meta data is used exclusively to generate suggested replies to messages and comments. It is not sold, used for advertising purposes, or shared with unauthorized third parties.
9.4 Roles in processing
As a User, you are the data controller of your contacts' data. Answify acts as a data processor, in accordance with the Data Processing Agreement attached to the Terms of Use.
9.5 Revoking access
- Instagram: Settings → Security → Apps and websites
- Facebook: Settings → Security → Apps and websites
- Or directly from your Answify account settings
Cookies and Trackers
Our website uses cookies to identify visitors, understand their business sector, and adapt our marketing communication. Manage your preferences via the consent banner during your first visit.
Strictly necessary cookies Always active
- Authentication session (keeps you logged in)
- Security protection (CSRF)
- Memorization of consent preferences
- Anonymous visitor ID (first-party, no personal data)
Analytical & marketing cookies With consent
- Audience measurement and navigation analysis (aggregated data)
- Inference of the visitor's business sector (e-commerce, restaurant, coach, agency...) for adapted marketing targeting
- Tracking UTMs and acquisition sources
- Tracking of features used (non-identifying data)
Third-party cookies With consent
- Apple App Store / Google Play Store: required for transactions
Refusing analytical cookies does not affect the operation of the application.
Data Security
- Encryption in transit: TLS 1.3
- Encryption at rest: AES-256
- Passwords: hashed with bcrypt, never stored in plain text
- Internal access: principle of least privilege, mandatory 2FA
- Backups: daily, encrypted, kept for 30 days
- Monitoring: 24/7 surveillance, automatic alerts
- Logging: access logs securely kept
In the event of a data breach likely to result in a risk, Answify will notify the Belgian DPA within 72 hours and the individuals concerned as soon as possible (Art. 33 and 34 GDPR).
To report a vulnerability: contact@answify.com
Protection of Minors
Answify is exclusively intended for professionals and entrepreneurs (18 years and older). We do not knowingly collect data from minors. If you believe a minor has created an account, contact us at contact@answify.com.
Amendments to this policy
Answify may modify this policy at any time. In the event of changes, you will be informed by email and/or via the application. Your continued use of Answify after notification constitutes acceptance. Previous versions are available upon request.
Contact Us
To exercise your rights or for any questions regarding your data:
contact@answify.com
dataprotectionauthority.be
This policy is governed by Belgian law and the GDPR. In case of dispute, the competent courts are those of Liège, Belgium.