Privacy Policy

Last updated: February 19, 2026

1. Who we are

AnyLinga ("we", "us", "our") is a SaaS platform that provides automated message translation, routing, and channel integration for Kommo CRM users. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website (anylinga.com) and application (app.anylinga.com).

2. Data we collect

We collect the following categories of data:

  • Account information: email address, password (hashed), preferred language, timezone, and support code.
  • CRM integration data: Kommo account ID, OAuth tokens (encrypted), connected channel identifiers, and employee information synced from your Kommo account.
  • Message content: the original and translated text of messages processed through our service, along with metadata such as sender identifier, language pair, channel, and timestamp.
  • Usage data: translation token consumption, delivery statuses, and system logs for debugging and service improvement.
  • Technical data: IP address, browser type, and device information collected automatically when you access our website or application.

3. How we use your data

We use the collected data to:

  • Provide, maintain, and improve the AnyLinga service, including message translation, routing, and delivery tracking.
  • Authenticate users and manage account access.
  • Process and relay messages between your messaging channels (WhatsApp, Telegram, Instagram, Facebook Messenger, TikTok) and Kommo CRM.
  • Display translation logs and analytics within the application.
  • Send service-related notifications (e.g., connection issues, billing updates).
  • Provide customer support.

4. Message processing and translation

When a message is received from a messaging channel, AnyLinga processes it as follows:

  • The message text is sent to a third-party AI language model for translation.
  • The original and translated text are temporarily stored in our database for display in translation logs.
  • The translated message is forwarded to the appropriate destination (Kommo CRM or the messaging channel).
  • If the client's language matches the agent's language, no translation occurs and no AI tokens are consumed.

We do not use your message content for model training or any purpose other than providing the translation service.

5. Data retention

  • Translation logs (message content) are automatically deleted after 30 days (extended retention available on Enterprise plans).
  • Outbound message tracking records are cleaned after 7 days.
  • Account data is retained for the duration of your active subscription and deleted upon account termination.
  • OAuth tokens for Kommo, Meta, Instagram, and TikTok are stored encrypted and removed when you disconnect the integration.

6. Third-party services

AnyLinga integrates with the following third-party services to provide its functionality:

  • Kommo CRM — for CRM integration, message relay, and contact management.
  • Meta Platforms (WhatsApp Business API, Facebook Messenger, Instagram) — for receiving and sending messages via these channels.
  • Telegram Bot API — for Telegram channel integration.
  • TikTok for Business — for receiving and sending direct messages via TikTok. When you connect your TikTok Business Account, we access your account identifier (open_id) and display name via the Login Kit, and use the Business Messaging API to send and receive direct messages on your behalf. We do not access your TikTok videos, followers, or public profile content.
  • Evolution API — for WhatsApp QR-based connections.
  • AI translation provider — for message translation (text only, no personally identifiable metadata is sent).
  • Supabase (PostgreSQL, EU region) — for database hosting.
  • Sliplane — for application hosting.

Each third-party service processes data in accordance with their own privacy policies. We select providers that offer adequate data protection standards.

7. Data security

We implement the following measures to protect your data:

  • All connections are encrypted using TLS (HTTPS).
  • Passwords are hashed using bcrypt and never stored in plain text.
  • OAuth tokens are stored encrypted in the database.
  • Webhook endpoints use HMAC signature verification to ensure authenticity.
  • Application infrastructure is hosted in European data centers.
  • Access to production systems is restricted and monitored.

8. Cookies

Our website (anylinga.com) does not use cookies or tracking scripts. The application (app.anylinga.com) uses the following:

  • Authentication token: stored in localStorage to maintain your login session (JWT, 7-day expiry).
  • UI preferences: stored in localStorage (e.g., language selection, auto-refresh settings).

We do not use third-party analytics, advertising cookies, or tracking pixels.

9. Your rights

Depending on your jurisdiction, you may have the following rights:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate data.
  • Deletion: request deletion of your personal data and account.
  • Data portability: request your data in a structured, machine-readable format.
  • Objection: object to certain types of data processing.
  • Withdrawal of consent: disconnect integrations and revoke access at any time through your account settings.

To exercise any of these rights, contact us at hello@anylinga.com.

10. Children's privacy

AnyLinga is a business-to-business service and is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us: