Privacy Policy

Last Updated: November 30, 2025

Waplify, a product of Atozdebug Technology Pvt. Ltd. (“Company,” “we,” “us,” or “our“), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our Services.

1. Information We Collect

Personal Information You Provide

When you register, create an account, or use Waplify services, we collect:

  • Account Information: Full name, email address, phone number, company name, job title, billing address

  • Authentication Data: Passwords, security questions, authentication codes

  • Payment Information: Billing details (processed securely by third-party payment processors)

  • WhatsApp Business Connection: When you connect your WhatsApp Business Account through Meta Business Manager, we collect WhatsApp Business Account details and phone numbers associated with your account

  • Contact Data: Contact lists you upload (names, phone numbers, email addresses, tags, and custom fields)

  • Communication Data: Messages, support requests, feedback, and any information you share with our support team

  • Profile Information: Photo, timezone, language preferences, account settings

Information Collected Automatically

When you access or use Waplify, we automatically collect:

  • Device Information: Device type, operating system, browser type, device identifiers, IP address, device name, hardware model
  • Usage Data: Pages visited, features used, campaign data, message sending history, click-through rates, session duration, timestamps
  • Location Data: Approximate location based on IP address (can be disabled in browser/device settings)
  • Log and Diagnostic Data: Error reports, system activity, performance metrics, technical issues
  • Behavioral Data: Search queries, preferences, communication patterns, feature interactions

Information from Third Parties

We may receive information from:

  • Social Login Providers: When you sign in using Google, we receive your Google account profile information (name, email, profile picture)
  • Meta Business Manager: When connecting WhatsApp Business Account, Meta provides account verification status and connected phone numbers
  • Marketing Partners: Campaign performance data, lead source information
  • Analytics Providers: Behavioral analytics and usage patterns
  • Public Databases: Company information for business verification purposes

Sensitive Information Note

We do not intentionally collect sensitive personal data such as health information, biometric data, or racial/ethnic origin. However, your contact lists may contain personal data provided by you—you are responsible for ensuring proper consent from contacts.

2. How We Use Your Information

We use collected information for:

Service Operations

  • Creating and managing your account
  • Processing payments and billing
  • Delivering WhatsApp messaging services via Meta’s infrastructure
  • Handling campaign management, analytics, and reporting
  • Providing customer support and technical assistance

Service Improvement

  • Analyzing usage patterns to enhance features
  • Diagnosing technical issues and improving performance
  • Conducting research and development
  • Personalizing user experience

Communication

  • Sending service-related notifications (account updates, billing alerts, security alerts)
  • Marketing communications and promotional offers (with your consent)
  • Responding to your inquiries and support requests
  • Policy updates and important announcements

Security and Compliance

  • Detecting, preventing, and addressing fraud, abuse, and security threats
  • Enforcing Terms of Service and other agreements
  • Complying with legal obligations and law enforcement requests
  • Protecting rights, privacy, and safety of our users and the public

Analytics and Tracking

  • Understanding user behavior through Google Analytics
  • Remarketing via Meta Pixel, LinkedIn Pixel, and similar tools
  • Product optimization using PostHog and analytics tools
  • Measuring campaign effectiveness

Legal and Business Operations

  • Resolving disputes and legal proceedings
  • Conducting audits and compliance reviews
  • Business transfers (merger, acquisition, asset sale)

3. Legal Basis for Processing

For Users in the EU/UK (GDPR Compliance)

We process your personal data based on:

  • Contract Performance: To provide services you’ve requested
  • Legitimate Interests: For service improvement, security, and fraud prevention
  • Consent: For marketing communications and optional features (you can withdraw anytime)
  • Legal Obligation: To comply with tax, financial, and regulatory requirements
  • Vital Interests: To protect user safety and prevent harm

For Users in Canada

We rely on:

  • Express Consent: For specific data uses you’ve authorized
  • Implied Consent: Where reasonable to expect consent based on interaction
  • Legal Requirements: To comply with laws
  • Legitimate Business Purposes: Where permitted by law

For Users Globally

We process data to:

  • Fulfill our contractual obligations
  • Comply with applicable laws and regulations
  • Protect our legitimate business interests
  • With your explicit consent for optional uses

4. How We Share Your Information

We Share Data With:

Payment Processors

  • Razorpay, Stripe, PayPal, Paddle, Payoneer – handle payment processing (PCI-DSS compliant)
  • They receive only information necessary for payment processing

Meta/WhatsApp

  • WhatsApp Business Account verification and messaging infrastructure
  • Contact information necessary to send WhatsApp messages on your behalf

Google Services

  • Google Sign-In: Authentication only
  • Google Analytics: Aggregated usage data (not personally identifying)
  • Your data is subject to Google’s Privacy Policy

Analytics and Marketing Tools

  • PostHog: Product analytics and feature usage
  • Meta Pixel: Remarketing and campaign tracking
  • LinkedIn Pixel: Professional audience remarketing
  • Other analytics tools: Usage patterns and behavior analysis

Service Providers

  • Cloud hosting providers (for data storage and security)
  • Email providers (for communication)
  • Customer support platforms
  • Backup and disaster recovery services

All service providers are contractually obligated to:

  • Process data only on our instructions
  • Maintain data security standards
  • Not use data for their own purposes
  • Comply with applicable data protection laws

We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Legal Disclosure

We may disclose information if:

  • Required by law or legal process
  • Responding to government requests
  • Protecting our legal rights or property
  • Preventing fraud or security threats
  • Protecting user safety and public interest

Business Transfers

If Waplify or Atozdebug Technology Pvt. Ltd. is involved in merger, acquisition, bankruptcy, or asset sale, your data may be transferred as part of that transaction.

5. Data Security

Security Measures

We implement:
  • Encryption: Data in transit uses SSL/TLS encryption; sensitive data at rest is encrypted
  • Access Controls: Role-based access, authentication requirements, audit logs
  • Firewalls and Intrusion Detection: Network security measures
  • Regular Security Audits: Periodic testing and vulnerability assessments
  • Employee Training: Data protection and security awareness programs
  • Incident Response: Procedures for detecting and responding to breaches
Limitations No system is 100% secure. Despite our safeguards:
  • Hackers or unauthorized parties may breach our security
  • We cannot guarantee absolute protection
  • You transmit data at your own risk
  • We recommend using strong passwords and secure networks
Report Security Issues: Contact [email protected] immediately if you suspect unauthorized access or data breach.

6. Cookies and Tracking Technologies

Types of Cookies We Use

Essential Cookies – Required for platform functionality

  • Session management, account authentication, security

Preference Cookies – Remember your settings

  • Language, timezone, display preferences

Analytics Cookies – Understand user behavior

  • Google Analytics, PostHog, usage patterns
  • Help us improve features and performance

Marketing/Remarketing Cookies – Targeted advertising

  • Google Ads, Meta Pixel, LinkedIn Pixel
  • Show relevant ads on other websites you visit

Managing Cookies

Do-Not-Track (DNT)

We do not currently respond to DNT signals. If a standard is adopted, we will update this policy.

7. Data Retention

How Long We Keep Your Data

Active Accounts:

  • Personal data retained as long as your account is active
  • Necessary to provide ongoing services and support
  • You can request deletion anytime

After Account Deletion:

  • Most data deleted within 90 days
  • Some data retained for legal/compliance reasons (up to 7 years if required):
    • Financial records (tax compliance)
    • Billing transactions (accounting standards)
    • Legal disputes or investigations
    • Fraud prevention

Analytics Data:

  • Aggregated usage data: retained for service improvement
  • Individual usage logs: retained for 12 months

WhatsApp Message History:

  • Retained as long as account is active
  • Deleted within 90 days of account deletion
  • Can be manually deleted by user

Backup Data:

  • May be retained longer for disaster recovery
  • Will be securely destroyed after retention period

8. Your Privacy Rights

Rights Available in Most Jurisdictions

Right to Access

  • Request a copy of all personal data we hold about you
  • Understand what data we collect and why

Right to Rectification

  • Correct inaccurate or incomplete information
  • Update your account details anytime

Right to Erasure (“Right to Be Forgotten”)

  • Request deletion of your personal data
  • Subject to legal/compliance exceptions
  • Note: Some data must be retained for legal reasons

Right to Restrict Processing

  • Limit how we use your data
  • We continue to store it but limit active processing

Right to Data Portability

  • Receive your data in structured, machine-readable format
  • Transfer data to another provider

Right to Object

  • Object to marketing communications
  • Opt-out of data processing for certain purposes
  • Unsubscribe from emails by clicking “Unsubscribe” link

Right to Withdraw Consent

  • Withdraw marketing consent anytime
  • Withdraw consent for optional data uses
  • Does not affect lawfulness of prior processing

EU/UK Specific Rights (GDPR/UK GDPR)

If you’re located in the European Union or United Kingdom, you have additional rights:

  • Right to lodge a complaint with your supervisory authority
  • Right to object to automated decision-making

Supervisory Authorities:

California Residents (CCPA)

If you’re a California resident, you have rights to:

  • Know what personal information is collected and used
  • Delete personal information (with exceptions)
  • Opt-out of “sale” of personal information (we don’t sell data)
  • Non-discrimination for exercising rights

Virginia Residents (VCDPA)

Similar rights including access, correction, deletion, portability, and opt-out of targeted advertising and profiling.

9. Third-Party Links

Our Service may contain links to third-party websites and services. We are not responsible for:

  • Their privacy practices
  • Their content or policies
  • Data they collect about you

We strongly recommend reviewing their privacy policies before sharing information.

10. Children's Privacy

Age Restrictions

Waplify is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18.

If We Learn of Underage Users

If we discover we’ve collected data from someone under 18:

  • We will delete the information promptly
  • We will deactivate the account
  • We will take reasonable measures to prevent further collection

If you’re a parent/guardian and believe your child has provided information to us, contact us immediately at [email protected].

11. International Data Transfers

Global Service

Waplify operates globally. Your data may be transferred to, stored in, and processed in countries other than your country of residence, including countries that may not have the same data protection laws as your home country.

For EU/UK Residents

By using Waplify, you consent to:

  • Transfer of your data outside the EEA/UK
  • Processing under this Privacy Policy
  • Applicable laws of India

We maintain appropriate safeguards:

  • Standard Contractual Clauses (SCCs) with service providers
  • Data Protection Impact Assessments (DPIAs)
  • Adequacy determinations where applicable

For All Users

Your use of Waplify constitutes your consent to data transfer and processing as described in this policy. If you do not agree, please do not use our Service.

12. Changes to This Policy

Updates and Modifications

We may update this Privacy Policy at any time. Changes become effective when posted.

Notification of Changes:

  • Major changes: we’ll notify you via email or prominent notice on our Service
  • We’ll update the “Last Updated” date at the top of this policy
  • Continued use after changes = acceptance of updated policy

Your Responsibility: Review this policy periodically for updates.

13. Contact Us

Privacy Inquiries and Data Subject Requests

For questions about this Privacy Policy, to exercise your rights, or to report data breaches:

Email: [email protected]

Response Time: We respond to requests within 30 days (or as required by applicable law).

What to Include in Your Request

  • Your name and email address
  • Account email (if applicable)
  • Clear description of your request
  • Any relevant details or dates
  • Proof of identity (if required)

Data Protection Officer

For data protection-related inquiries, contact: [email protected]

Additional Information

Legal Compliance

This Privacy Policy complies with:

  • General Data Protection Regulation (GDPR) – EU/UK
  • Digital Personal Data Protection Act (DPDPA) – India
  • California Consumer Privacy Act (CCPA)
  • Virginia Consumer Data Protection Act (VCDPA)
  • Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Other applicable international data protection laws

Important Notice

We encourage you to review our Terms of Service and other policies for a complete understanding of your rights and our obligations.

If you do not agree to this Privacy Policy, please do not use Waplify services.