Responsible AI at Zithara.AI

Building AI-first retail CRM with trust, transparency, and merchant data protection at the core.

At Zithara.AI, artificial intelligence powers our core platform — from WhatsApp chat agents and customer segmentation to campaign automation and lead scoring. We believe that as AI becomes central to how merchants engage their customers, it must be governed with the same rigor we apply to data security and privacy. This page outlines how we build, deploy, and oversee AI responsibly.

Our AI principles

Privacy first

Merchant customer data is processed with strict isolation. Each merchant's data lives in a separate database. AI processing never crosses tenant boundaries. Customer data is never used to train third-party AI models.

Transparency

Merchants can see what AI decides and why. RFM customer segments show scoring criteria. Campaign recommendations include reasoning. Chat agent responses are logged and auditable.

Human oversight

AI assists — humans decide. All AI-generated campaign messages require merchant approval before sending. Chat agents have configurable escalation rules to hand off to human support. Automated segmentation can be manually overridden.

Data minimization

AI models process only the minimum data required for each feature. We do not build general-purpose profiles from merchant customer data.

How AI powers our platform

AI is embedded across four core capabilities:

WhatsApp chat agents

AI-powered conversational agents on merchants' WhatsApp Business accounts. They respond to customer queries, share product information, and facilitate transactions. Every response is generated within merchant-defined guardrails.

Customer segmentation (RFM analysis)

Machine learning analyzes purchase history to create Recency, Frequency, Monetary segments. This enables merchants to target the right customers with the right message. Scoring criteria are visible and adjustable.

Campaign automation

AI assists with message generation, send-time optimization, and audience targeting across WhatsApp, SMS, and email. All campaigns require merchant review and approval before deployment.

Lead scoring & management

AI models score and prioritize leads based on engagement patterns, helping merchants focus on high-intent prospects. Scoring logic is explainable and can be manually adjusted.

How merchant data flows through AI

Every AI feature follows the same secure data pipeline:

Step 1

Data input

Merchant customer data enters from CRM, POS, WhatsApp, or web sources. Data is encrypted in transit (TLS 1.2+).

Step 2

Processing

AI processes data within the merchant's isolated tenant environment. No cross-tenant data mixing. Processing happens on AWS Mumbai region infrastructure.

Step 3

Output

AI generates segments, recommendations, or chat responses. Outputs are stored in the merchant's database only.

Step 4

Retention

Campaign data retained for 12 months for analytics.

Step 5

Audit

All AI processing activities are logged with timestamps, data types, and purpose codes for compliance auditing.

What we never do with your data

  • We never use merchant customer data to train third-party AI models (OpenAI, Google, etc.)
  • We never share one merchant's data with another merchant's AI processing
  • We never make fully automated decisions about individual customers without merchant oversight
  • We never store customer data beyond defined retention periods
  • We never process sensitive personal data (Aadhaar, financial account numbers) through AI features

Compliance & standards

Our AI governance aligns with:

ISO 27001Information security management
DPDPA 2023India's Digital Personal Data Protection Act
AWS Well-ArchitectedCloud security best practices
OWASP Top 10 for LLMAI-specific security controls

Questions about our AI governance?

We welcome inquiries from merchants, partners, and security teams.