Privacy Policy
Last updated: April 18, 2026
1. Introduction
Fairwai ("we", "us", "our") provides an AI-native operations platform for golf course operators, including a voice agent, inbox assistant, review management, marketing automation, and analytics. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over it.
This policy applies to our website at fairwai.co, our dashboard application, our APIs, and any integrations you connect — including the Google Gmail integration used by our inbox features.
For the purposes of the EU General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act, 2023 (DPDP Act), Fairwai is the data controller (and data fiduciary, respectively) for the personal data described below.
2. Information we collect
We collect the following categories of information:
Account data — your name, work email address, a hashed version of your password, and the name of the golf course or organization you operate.
Usage data — your IP address, browser type, pages visited, timestamps, referrer URLs, and error logs generated as you use the service.
Voice call data — when the Fairwai voice agent is deployed to answer calls on your behalf: call audio, transcripts, caller phone numbers, and call metadata (duration, start/end times, outcomes).
Google user data (OAuth Gmail integration) — when you connect a Gmail account, we access message headers, message bodies (including attachments where the user chooses to include them), thread metadata, labels, and sender and recipient email addresses. Access is granted only after you complete Google's OAuth consent flow and is limited to the scopes you authorize (typically gmail.readonly and gmail.send).
Course operational data — bookings, customer records, marketing lists, review content, and campaign data that you enter into or connect with the service.
3. How we use your information
We use the information we collect to:
- Operate the service — summarize Gmail threads, draft and send replies on your behalf, power the voice agent, manage online reviews, run marketing campaigns, and produce analytics.
- Improve the service — aggregate usage analytics, debug errors, understand how features are used.
- Keep the service secure — detect abuse, prevent fraud, investigate suspected policy violations.
- Provide support — respond to your requests and troubleshoot issues.
- Meet legal obligations — comply with applicable laws and enforce our terms.
Limited Use (Google API Services User Data Policy). Fairwai's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
4. AI processing and sub-processors
We use third-party sub-processors to operate the service. Some of these process Google user data and voice transcripts on our behalf:
- Google Gemini (via the Gemini API) and Anthropic Claude (via the Anthropic API) — large language models used for inference. Message contents and voice transcripts are sent to these APIs to produce summaries, drafts, and voice responses.
- Google Cloud — the Gemini Live API is used for real-time voice interaction.
- Neon — managed PostgreSQL hosting used as our primary data store.
- Render — application hosting for the API and dashboard.
- Twilio — telephony infrastructure used by the voice agent.
None of these sub-processors train their models on Fairwai customer data. Each operates under their enterprise or API terms which prohibit such training.
5. Human access to Google user data
Fairwai personnel do not routinely read the contents of customer Gmail accounts. Authorized Fairwai personnel may access Google user data only in the following circumstances:
- when you explicitly request support that requires it;
- when we are investigating a specific security incident or a suspected policy violation;
- when we are legally compelled to do so;
- for limited, infrequent quality assurance review of AI output — aggregated or anonymized where feasible.
All such access is logged.
6. Data storage, retention, and deletion
Primary storage is Neon PostgreSQL (United States region). Data is encrypted at rest using AES-256 and in transit using TLS 1.2 or higher.
We retain your data while your account is active. On account termination, data is deleted within 30 days, except where we are required to retain records to comply with legal obligations.
Revoking OAuth consent — via your Google Account settings or from within the Fairwai dashboard — causes us to immediately delete the stored OAuth tokens. Any cached Gmail content is deleted within 30 days of revocation.
You can request deletion of your data at any time by emailing hello@fairwai.co.
7. Your rights
Depending on your jurisdiction, you may have rights including: access, correction, deletion, export (portability), restriction of processing, objection to processing, and withdrawal of consent.
India (DPDP Act, 2023). Data principals have rights of access, correction, and grievance redressal. Our grievance officer can be contacted at hello@fairwai.co.
EU / EEA (GDPR). Our lawful bases for processing are contract performance (operating the service) and legitimate interest (security, analytics, support). You have the right to lodge a complaint with your local supervisory authority.
California (CCPA). We do not sell personal information. You have rights to know, to delete, and to non-discrimination for exercising your rights.
To exercise any of these rights, email hello@fairwai.co. We will respond within 30 days.
8. Children
The service is not directed to anyone under the age of 18. We do not knowingly collect personal data from children.
9. International transfers
Your data may be processed in India and the United States. Transfers rely on standard contractual clauses and the privacy frameworks published by the respective processors.
10. Cookies and tracking
We use essential cookies for authentication and session management. We use minimal analytics to understand how the service is used and to improve it. We do not use third-party advertising cookies.
11. Security
We protect your data with TLS in transit, AES-256 encryption at rest, role-based access controls, and audit logging. We maintain an incident response process and commit to notifying affected users without undue delay on discovery of a personal data breach.
12. Changes to this policy
We may update this policy from time to time. Changes will be posted here and the effective date updated. Material changes — those affecting your rights or the scope of processing — will be communicated to account holders by email at least 30 days before they take effect.
13. Contact
Fairwai
Tamil Nadu, India
Email: hello@fairwai.co