Home

Privacy Policy

Effective March 8, 2026

1. Introduction

FOLIOX INC. ("Foliox," "we," "us," or "our") operates the website at https://foliox.ai and the Foliox platform (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you interact with our Service, including through third-party integrations such as LinkedIn, Twilio, Slack, Microsoft Teams, WhatsApp, email, and SMS.

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account data β€” name, email address, company name, phone number, and job title when you create an account, fill out a form, or subscribe to our newsletter.
  • Communication content β€” messages, order details, and attachments sent through our platform via email, SMS, Slack, Microsoft Teams, or WhatsApp.
  • Payment data β€” billing details processed by our payment provider. We do not store full credit card numbers.

2.2 Information Collected Automatically

  • Usage data β€” pages visited, features used, timestamps, IP address, browser type, and device identifiers.
  • Cookies & analytics β€” we use essential and analytics cookies. See Section 9.

2.3 Information from Third-Party Integrations

When you connect the Service to external platforms, we may receive data as described below. We only access data necessary to deliver the features you enable.

3. Third-Party Integrations & Data Practices

LinkedIn

Provider: LinkedIn Corporation (Microsoft)

Data collected: Public profile information (name, headline, profile URL, member ID) via OpenID Connect; post engagement metrics for content shared through our Service.

Purpose: Authenticate users via LinkedIn Sign-In; share blog posts and company updates on your behalf with your explicit consent.

Retention: OAuth tokens are stored for the duration of the connection. Profile data is cached for session use and refreshed on login.

Provider privacy policy: https://www.linkedin.com/legal/privacy-policy

Twilio (SMS & Voice)

Provider: Twilio Inc.

Data collected: Phone numbers, SMS message content, call metadata (duration, timestamps), delivery status, and voice call recordings when enabled.

Purpose: Send and receive SMS messages for order confirmations, delivery alerts, and driver communications; power AI voice agent (Erik) for inbound fuel order intake.

Retention: Message logs retained for 90 days for operational auditing. Call recordings retained for 30 days unless you opt for longer retention.

Provider privacy policy: https://www.twilio.com/legal/privacy

Email (SMTP / OAuth)

Provider: Your configured email provider (e.g., Google Workspace, Microsoft 365)

Data collected: Email addresses, subject lines, message bodies, and attachments for orders, BOLs, and supply chain communications processed by our AI agents.

Purpose: AI email agent (Aida) reads inbound messages to extract load requests, supplier quotes, and carrier updates; drafts reply templates for dispatcher approval.

Retention: Email metadata indexed for 12 months. Full message content processed in real time and not stored beyond the active session unless explicitly saved to a load record.

Slack

Provider: Salesforce / Slack Technologies

Data collected: Channel messages, direct messages sent to the Foliox bot, user display names, and workspace identifiers.

Purpose: Deliver real-time alerts (tank levels, driver exceptions, order updates); provide interactive support via Slack Connect.

Retention: Alert history retained for 90 days. We do not store messages outside of alert logs.

Provider privacy policy: https://slack.com/trust/privacy/privacy-policy

Microsoft Teams

Provider: Microsoft Corporation

Data collected: Chat messages sent to the Foliox bot, user display names, and tenant identifiers.

Purpose: Deliver operational alerts and enable dispatcher commands via Teams chat.

Retention: Same as Slack β€” alert history retained for 90 days.

Provider privacy policy: https://privacy.microsoft.com/en-us/privacystatement

WhatsApp (via Twilio / Meta)

Provider: Meta Platforms / Twilio

Data collected: Phone numbers, message content, delivery and read receipts.

Purpose: Send order confirmations, delivery ETAs, and driver communications to customers and carriers who opt in to WhatsApp notifications.

Retention: Message logs retained for 90 days. We do not access your personal WhatsApp conversations β€” only messages exchanged with the Foliox business number.

Provider privacy policy: https://www.whatsapp.com/legal/privacy-policy

4. How We Use Your Information

  • Provide, operate, and maintain the Service
  • Process fuel orders, dispatch loads, and manage supply chain workflows
  • Send transactional messages (order confirmations, alerts, BOL notifications) via SMS, email, Slack, Teams, or WhatsApp
  • Improve the Service through usage analytics and feedback
  • Send newsletters and product updates (with your consent; you may unsubscribe at any time)
  • Comply with legal obligations and enforce our terms

5. Data Sharing & Disclosure

We do not sell your personal data. We share data only with:

  • Service providers β€” Twilio (messaging), Vercel (hosting), Stripe (payments), and analytics providers, under strict data processing agreements.
  • Connected platforms β€” LinkedIn, Slack, Teams, and WhatsApp only receive data required to deliver features you enable.
  • Legal requirements β€” we may disclose data if required by law, subpoena, or legal process.
  • Business transfers β€” in connection with a merger, acquisition, or sale of assets.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.2+) and at rest, access controls, regular security audits, and SOC 2 Type II compliance. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described in this policy, or as required by law. When data is no longer needed, it is securely deleted or anonymized. Specific retention periods for third-party integration data are listed in Section 3.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict certain processing
  • Data portability β€” receive your data in a structured format
  • Withdraw consent for marketing communications at any time
  • Opt out of SMS and WhatsApp messages by replying STOP

To exercise any of these rights, contact us at privacy@foliox.ai. We will respond within 30 days.

9. Cookies & Tracking

We use essential cookies to maintain sessions and preferences, and analytics cookies (e.g., Vercel Analytics) to understand usage patterns. You can manage cookie preferences through your browser settings. We do not use cookies for cross-site advertising.

10. Children's Privacy

The Service is not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.

11. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on our website. The "Effective Date" at the top of this page indicates when the policy was last revised.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact:

FOLIOX INC.

Email: privacy@foliox.ai

Website: https://foliox.ai