BotCart

Privacy Policy

Last updated: 6/15/2025

1. Introduction

Welcome to Botcart. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

Botcart ("we", "us", "our") operates as a Facebook comment automation tool that helps businesses manage their Facebook page interactions. This Privacy Policy applies to our website at botcart.com and our Facebook application.

By using our Services, you agree to the collection and use of information in accordance with this policy. We are committed to complying with Meta's Platform Terms, Developer Policies, and all applicable laws and regulations.

2. Data We Collect

We only collect data that is necessary for providing our services. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username.
  • Contact Data includes email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform.
  • Usage Data includes information about how you use our website and services.
  • Facebook Page Data includes comments, posts, and other content from your Facebook pages that you connect to our service.
  • Facebook User Data includes publicly available information about users who interact with your Facebook pages.
  • Facebook Ads Data includes information about your active Facebook ads to provide insights and automation capabilities.
  • Business Management Data includes business pages and assets you've connected to our service.

Specific Facebook Data We Use: To provide our comment automation service, we specifically access and process:

  • Facebook page names and IDs
  • Comment content on your posts
  • Names and profile information of users who comment (only publicly available information)
  • Comment timestamps
  • Comment reply content
  • Page post content that receives comments
  • Engagement metrics related to comments
  • Active Facebook ads data (using ads_read permission)
  • Business page management information

All of this data is used solely for the purpose of analyzing comment patterns, providing advertising insights, and generating appropriate automated responses to comments on your Facebook pages.

3. Facebook Data and API Usage

When you connect your Facebook page to Botcart:

  • We access your Facebook pages through the Facebook API with your explicit permission and only after you grant the necessary permissions.
  • We only request and use the minimum necessary permissions required to provide our service.
  • We collect data only for the specific purpose of providing our comment automation services.
  • We do not sell your Facebook data to third parties or use it for any purpose other than providing our service.
  • We do not scrape, buy, or otherwise collect data from Facebook through unauthorized means.
  • All data collection and processing complies with Facebook's Platform Terms and Developer Policies.
  • You can revoke our access to your Facebook data at any time through your Facebook settings or by contacting us.
  • We will promptly delete your Facebook data upon your request or when it's no longer needed for our services.

Important: Botcart does not "steal" or misuse data. We only access data with proper authorization and for legitimate service purposes as permitted by Meta's Platform Terms.

Meta Permissions We Use

To provide our services, we request the following specific permissions from Meta platforms:

  • pages_read_engagement: Allows us to read content posted on your pages and metrics about it
  • pages_manage_posts: Allows us to create, edit, and delete posts on your pages
  • pages_show_list: Allows us to see the list of pages you manage
  • pages_read_user_content: Allows us to read user-generated content on your pages
  • pages_manage_engagement: Allows us to manage comments and messages on your pages
  • pages_manage_metadata: Allows us to update page settings
  • ads_read: Allows us to read your active ads data to provide insights and automation capabilities
  • business_management: Allows us to access your business pages and assets

Each of these permissions is essential for Botcart to function properly. By granting these permissions, you explicitly authorize us to access and process the corresponding data as described in this Privacy Policy. These permissions are reviewed and approved by Meta through their app review process, ensuring our service complies with their policies.

To learn more about Meta permissions and how they work, you can visit Meta's Permissions Reference.

4. User Consent and Control

We obtain explicit consent before accessing any Facebook data. You have full control over:

  • What Facebook pages we can access
  • What permissions we have on those pages
  • When to revoke our access
  • Requesting deletion of your data

When connecting your Facebook account, you will see a clear permission screen from Meta that lists all permissions we're requesting and what data we'll have access to. You must explicitly approve these permissions before we can access any of your data. You can revoke these permissions at any time through your Facebook account settings.

We make it easy for you to understand what data we collect and how we use it. We will never change how we use your data without informing you and obtaining your consent when required.

5. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

Specifically, we use your data to:

  • Provide, maintain, and improve our services
  • Process and complete transactions
  • Send you technical notices and support messages
  • Respond to your comments and questions
  • Develop new products and services
  • Monitor and analyze trends, usage, and activities in connection with our services
  • Train and improve our AI comment automation system to provide more accurate and helpful responses
  • Analyze comment patterns to enhance the performance of automated responses
  • Generate insights about comment engagement on your pages
  • Create and maintain your custom knowledge base for more personalized comment responses
  • Analyze your active Facebook ads data to provide relevant insights and automation capabilities
  • Manage your connected business assets efficiently

6. Data Sharing and Service Providers

We may share your personal data with:

  • Service providers who perform services on our behalf (e.g., hosting providers, payment processors)
  • Professional advisers including lawyers, bankers, auditors, and insurers
  • Regulatory authorities, law enforcement agencies, and other third parties when required by law

All third-party service providers are required to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Meta Platform Compliance: We do not transfer any Facebook data to any third party service provider unless such transfer is in compliance with Meta's Platform Terms. Any service provider with access to Facebook data has agreed to the same restrictions on data use as contained in Meta's Platform Terms.

7. Data Retention and Deletion

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

For Facebook page data, we retain:

  • Comments and posts for the duration of your subscription plus 30 days
  • Analytics data in an anonymized form for up to 12 months
  • Ads data only while actively being used for analysis and not stored long-term

Complete Data Deletion Process

When you disconnect your Facebook page from Botcart or terminate your account, we implement a thorough data deletion process:

  • Immediate Access Termination: We immediately terminate all API access to your Facebook page data
  • Page Data Deletion: Within 24 hours, we delete all page-specific data including:
    • All stored comments and responses
    • Comment history and response logs
    • User interaction data related to your page
    • Your custom knowledge base and response templates
    • Page configuration settings and automation rules
    • Any cached content from your Facebook page
    • All ads data and insights generated from your account
    • Business management information related to your account
  • Database Purge: We run a comprehensive database purge that removes all references to your page data from our primary databases
  • Backup Deletion: Your data is marked for deletion from our backup systems, with complete removal occurring within 30 days
  • Analytics Anonymization: Any analytics data is immediately anonymized and disconnected from your account
  • Verification Process: Our system performs an automated verification to ensure all data has been successfully deleted
  • Deletion Certificate: Upon request, we can provide a certificate confirming that all your data has been deleted from our systems

You can request deletion of your data at any time by contacting us, and we will comply with your request promptly, as required by Meta's Platform Terms. We maintain detailed logs of all deletion activities to ensure compliance with data protection regulations and Meta's requirements.

8. Data Security

We have implemented industry-standard security measures to protect your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.

These measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Staff training on data protection and security
  • Secure data storage with regular backups
  • Incident response procedures
  • Automatic detection and blocking of suspicious access attempts
  • Regular security audits of our Facebook data processing systems
  • Secure API access with token rotation and expiration enforcement
  • Data access logging and monitoring

We promptly report any security incidents involving Facebook data to Meta as required by the Platform Terms, and we will notify affected users as required by law.

9. Your Legal Rights

Under data protection laws, you have rights in relation to your personal data, including the right to:

  • Request access to your personal data
  • Request correction of your personal data
  • Request erasure of your personal data
  • Object to processing of your personal data
  • Request restriction of processing your personal data
  • Request transfer of your personal data
  • Right to withdraw consent

You can exercise any of these rights by contacting us at ronoknoon@gmail.com. We will respond to all legitimate requests within one month.

10. Third-Party Services

Our service integrates with Facebook and may use other third-party services such as:

  • Facebook (Meta Platforms, Inc.)
  • Google Analytics (Google LLC)
  • Payment processors

Each third-party service has its own privacy policy that governs how they use your data. We encourage you to review their privacy policies.

11. International Transfers

We may transfer your personal data to countries outside your country of residence. When we do, we ensure a similar degree of protection is afforded to your data by implementing appropriate safeguards.

These safeguards may include:

  • Using specific contracts approved by relevant data protection authorities
  • Relying on certifications such as the EU-US Privacy Shield
  • Transferring data only to countries deemed to provide adequate protection

12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we learn we have collected personal data from a child under 16, we will delete that information promptly.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

14. Compliance with Meta Platform Terms

This Privacy Policy is designed to comply with Meta's Platform Terms and Developer Policies. In the event of any conflict between this Privacy Policy and Meta's requirements, Meta's requirements will prevail.

We regularly review our practices to ensure ongoing compliance with Meta's policies and will promptly update this Privacy Policy as needed to reflect any changes in Meta's requirements.

15. Special Provisions for Facebook Platform Data

In accordance with Meta's Platform Terms, we specifically commit to:

  • Not using Facebook data for any purpose other than providing our comment automation service
  • Not selling, licensing, or purchasing Facebook data
  • Not directly or indirectly transferring any Facebook data to any ad network, data broker, or other advertising or monetization-related service
  • Not using Facebook data to build profiles of individuals not using our service
  • Not using Facebook data to make eligibility decisions about users, including whether to approve or reject them or how much to charge them
  • Not putting Facebook data in a search engine or directory, or include web search functionality on Facebook
  • Ensuring that our use of Facebook data complies with all applicable laws, regulations, and industry guidelines
  • Notifying Meta promptly of any security breaches affecting Facebook data
  • Maintaining accurate records of all Facebook data processing activities
  • Implementing a comprehensive data deletion protocol when users disconnect their Facebook pages
  • Limiting data retention to only the time period necessary for providing our services

16. Google Services

We use various Google services to improve our platform's functionality. By using our services, you also accept Google's Terms of Service and Privacy Policy. These services are essential for certain functions of our platform, including analytics and authentication.

17. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at:

Email: ronoknoon@gmail.com

By using Botcart, you acknowledge that you have read this Privacy Policy and agree to its terms.