Legal
Copilot Terms
Last updated · consent version 2026-04-30
The Copilot is the assistant that listens when you message Rexeipt and acts on your business data when you ask. This page is the plain-language summary you should be able to read in 60 seconds before you say yes. The full legal framing lives in the Privacy Notice and the Terms of Service.
3 buckets I read
Sales · Stock · Customers
3 things I never do
Read your personal chats · Sell your data · Train external models
3 ways to control me
START COPILOT · PAUSE COPILOT 7D · STOP COPILOT
What I do
I help you run your business through WhatsApp + the web dashboard. With your consent, I can:
- Record sales, stock-ins, expenses, supplier debts, and transfers from natural-language messages or voice notes.
- Send receipts to your customers and a daily summary to you at 9 PM.
- Watch your business — alert you before stock runs out, flag suppliers who haven’t been paid, or surface idle customers.
- Coach — answer “how is my shop doing?”, run a multi-step task like “help me improve this week”, and suggest the next thing to do.
What I read
I look at three buckets of your business data, and only those three:
- Sales — the transactions you record (or the photos and voice notes you send so I can record them for you).
- Stock — items, quantities, suppliers, costs.
- Customers — the names + phone numbers you save against transactions, plus their debt history.
I also see the messages you send me on WhatsApp or the web — that’s how I understand what you want me to do. Those messages are stored in the audit trail (see What I log).
What I never do
- Read your personal WhatsApp chats. The WhatsApp Business API only delivers me messages sent to my number. Your conversations with friends, family, or other businesses are invisible to me.
- Read your contacts list. I only ever see phone numbers you explicitly attach to a transaction or staff record.
- Sell or share your data. Sub-processors that help run the platform (hosting, embeddings, billing) are listed in the Privacy Notice. That’s the entire list.
- Train external AI models on your data. Anything that touches an external model (e.g. embeddings on DeepInfra) is for serving you — never for training someone else’s model.
- Send messages to people you didn’t ask me to message. I message your customers only when you record a transaction with their phone number. I message you only on the schedule and channels you opted into.
How to control me
You drive. The verbs below work in WhatsApp and on the web:
| Command | What it does |
|---|---|
START COPILOT | Grant consent. I turn on with default settings. |
PAUSE COPILOT 7D | Pause for N days (1–90). I keep your data, just stop acting. |
RESUME COPILOT | Lift a pause early. |
STOP COPILOT | Revoke consent. I stop processing immediately. |
Or open portal › settings › privacy for a full UI: quiet hours, mute specific nudge categories, change retention, export your data, or erase it.
Your rights, in one minute
You have NDPA + GDPR rights over the data I process. Most of them you can exercise yourself in < 30 seconds:
| Right | How to use it |
|---|---|
| Access (export) | Privacy page → “Export my data”. Returns a JSON bundle. |
| Erasure | Privacy page → “Erase Copilot data” (requires confirmation). Wipes Copilot rows; operational records remain per tax law. |
| Withdraw consent | STOP COPILOT on WhatsApp, or toggle off in portal. |
| Restriction (pause) | PAUSE COPILOT 7D for any number of days 1–90. |
| Rectification | Edit transactions, items, customers directly in the portal. |
| Objection / DPO contact | app@rexeipt.com (30-day SLA). |
| Complaint | Nigeria Data Protection Commission (ndpc.gov.ng) or your local EU / UK regulator. |
How long I keep things
- 540 days — default for Copilot data (signals, audit log, proactive nudges). You can tighten this to 30 days or relax it to 3,650 days from the privacy page.
- 1,095 days (3 years) — minimum for the consent audit log, regardless of your retention setting. NDPA auditors expect to see consent history for that long.
- 7 years — operational transactional data (sales, receipts, expenses), required by Nigerian tax law. This is data about your business, not data about the Copilot turning on.
- Automatic daily sweep at 03:13 UTC removes anything past the cutoff.
What I log (for your protection)
Every action I take on your behalf writes an immutable row including:
- Which tool was called (e.g.
record_sale). - Whether the action succeeded, failed, or was rejected — and why.
- The business + actor + channel that initiated it.
- The result of the cross-tenant UUID validator (so we can prove no leaked data crossed your business boundary).
This log is what makes “he said, she said” arguments end. You can request your business’s slice via the export button.
What changes mean for you
If we change what the Copilot does in a way that affects what data it reads, we’ll bump the consent version, notify you on WhatsApp + email, and ask you to re-confirm before the new behaviour activates. Until you do, I keep running on the version you originally agreed to.
The current version stamped on your consent is 2026-04-30.
Have a question?
Email app@rexeipt.com. For anything broader than the Copilot, see the full Privacy Notice and Terms of Service.