Privacy Policy

Legal entity

Daver L.L.C-FZ

Address

Meydan Grandstand Hotel 9, Dubai, United Arab Emirates

Brand / Trade name

Benito (benito.im)

Contact email (privacy)

privacy@benito.im

Website

https://benito.im

If you use our mobile app, website, or contact us through WhatsApp, email, or phone, we act as the data controller for the personal data we process.

Depending on how you interact with us, we may collect:

A) WhatsApp communications

• Your phone number (and WhatsApp profile identifier)
• Your name as displayed on WhatsApp (if available)
• Message content you send us (text, audio, images, files)
• Metadata related to messages (timestamps, delivery status, device/app info provided by WhatsApp)
• Any information you voluntarily share in chat (e.g., requests, preferences, contact details)

B) When you use our website or forms

• Contact details (name, email, phone)
• Form responses and support requests
• Basic technical data (IP address, browser type) for security and abuse prevention

C) When you use our mobile application

• Account and authentication data — email address, name, and profile information you provide when creating an account
• Messages and content — text, images, audio recordings, and files you send through the app
• Push notification tokens — device tokens (Apple Push Notification service for iOS, Firebase Cloud Messaging for Android) to deliver notifications to your device
• Location data — only when you explicitly grant permission, used to help with location-based requests (e.g., finding nearby services, directions)
• Camera and photo library access — only when you explicitly grant permission, used to capture or select images and files to attach to your requests
• Microphone access — only when you explicitly grant permission, used to record voice messages
• Device information — device type, operating system version, app version, and language settings

We do not intentionally collect sensitive personal data (e.g., health, religion, political views). If you share it in a message, we will treat it with increased care and limit processing to what is strictly necessary.

We process personal data to:

• Provide AI-powered task assistance and respond to your requests
• Deliver our services and manage your conversations with us
• Send transactional messages and push notifications (e.g., confirmations, updates, reminders, task progress)
• Process your messages using artificial intelligence to generate relevant responses and complete tasks on your behalf
• Improve service quality, internal analytics, and troubleshooting
• Prevent fraud, abuse, and security incidents
• Comply with legal obligations and enforce our terms

Where applicable, we rely on one or more of these legal bases:

• Performance of a contract — to provide the service you request, including AI-powered task execution
• Legitimate interests — support, quality improvement, security, fraud prevention
• Consent — when required for certain features (e.g., location access, microphone, push notifications, marketing messages); you can withdraw anytime
• Legal obligation — compliance, responding to lawful requests

If we send marketing or promotional messages (where permitted), you can opt out at any time by:

• Replying "STOP" in WhatsApp, or
• Disabling push notifications in your device settings, or
• Contacting us at privacy@benito.im

We will respect opt-out requests as soon as reasonably possible.

Benito uses artificial intelligence (AI) to process your messages and carry out tasks on your behalf. This means:

• Your messages and task-related data are sent to third-party AI model providers (currently Anthropic, for their Claude language model) for processing
• AI processing is essential to the core functionality of our service — it is how Benito understands your requests and executes tasks
• We do not use your data to train AI models. Our AI providers process data under our instructions and do not retain it for their own training purposes
• AI-generated outputs (plans, recommendations, actions) are based on the information you provide and publicly available data

You can request a human review of any AI-generated decision by contacting us at privacy@benito.im.

When you communicate with us on WhatsApp, Meta Platforms, Inc. / WhatsApp processes data as an independent controller for its own purposes (e.g., delivering the service, security). Your use of WhatsApp is also subject to WhatsApp's own terms and privacy policy.

We use the WhatsApp Business Platform (including WhatsApp Cloud API and/or an authorized Business Solution Provider). Message delivery and certain metadata are handled by WhatsApp/Meta systems.

We may share personal data only when necessary with:

• AI providers — Anthropic (Claude) for message processing and task execution
• Authentication provider — Clerk for secure account sign-in and identity management
• Push notification services — Apple Push Notification service (APNs) and Google Firebase Cloud Messaging (FCM) for delivering notifications to your device
• Mapping services — Google Maps for location-based features
• WhatsApp / Meta — for message delivery and platform operation
• Cloud infrastructure — hosting, database, and storage providers
• Professional advisors — legal, accounting where needed
• Authorities — if required by law, court order, or to protect rights/safety

These providers act as data processors under our instructions and are contractually obligated to protect your data.

We do not sell your personal data.

For more information on how these third parties handle data, see their privacy policies: Anthropic, Clerk, Firebase / Google, WhatsApp / Meta.

We are based in the United Arab Emirates, and our service providers (including WhatsApp/Meta, Anthropic, Google, and others) may process data in other countries, including the United States.

When required, we use appropriate safeguards for international transfers (e.g., contractual protections, vendor security commitments, and other mechanisms recognized by applicable law).

We keep personal data only as long as needed for the purposes described:

• App conversations and task data: retained while your account is active and for up to 12 months after account deletion
• WhatsApp conversations: retained for 12 months for support, audit, and quality reasons
• Push notification tokens: retained while you have the app installed and notifications enabled; deleted when you unregister or uninstall
• Operational logs / security records: retained as needed for security and compliance
• Where law requires longer retention, we comply

After retention periods, data is deleted or anonymized.

We use reasonable technical and organizational measures to protect data, such as:

• Access controls and least-privilege permissions
• Encryption in transit (HTTPS/TLS) for all communications
• Secure authentication via industry-standard protocols
• Monitoring and logging for abuse/security
• Vendor due diligence where feasible

No method of transmission or storage is 100% secure, but we work to minimize risk.

Depending on your jurisdiction, you may have rights to:

• Access your data
• Correct/update it
• Delete it (including requesting full account deletion)
• Object to or restrict processing
• Withdraw consent (where processing is consent-based)
• Data portability (where applicable)
• Request human review of automated/AI decisions that significantly affect you

To exercise rights, contact privacy@benito.im. We may need to verify your identity (e.g., by confirming control of your email, phone number, or WhatsApp account).

You can request complete deletion of your account and all associated data at any time by:

• Sending an email to privacy@benito.im from the email address associated with your account, with the subject line "Account Deletion Request"

Upon receiving your request, we will delete your account, all conversations, task data, uploaded files, and any other personal data within 30 days. Some data may be retained for a limited additional period only where required by law (e.g., financial records, fraud prevention). We will confirm the deletion by email.

Our services are not intended for children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us at privacy@benito.im and we will delete it promptly.

On our website, we only use strictly necessary cookies for security and basic functionality. We do not use advertising or tracking cookies.

Our mobile app uses on-device local storage to save your preferences (e.g., theme, session tokens). This data stays on your device and is not transmitted to third parties.

We may update this policy from time to time. We will post the updated version with a new "Last updated" date. For material changes, we will notify you through the app or by other reasonable means.

For privacy requests or questions:

Email

privacy@benito.im

Company

Daver L.L.C-FZ, Meydan Grandstand Hotel 9, Dubai, UAE