Privacy Policy

1. Introduction

WhatsAppReach ("we", "us", "our") respects your privacy. This policy explains what data we collect, how we use it, and your rights regarding that data. This policy applies to all users of the WhatsAppReach platform.

2. Data We Collect

Account data: Name, email address, and authentication details provided during sign-up.

Workspace data: Workspace name, connected WhatsApp Business API numbers, contacts you upload (names, phone numbers, email addresses, addresses, consent status), messages you compose and send, campaign history, delivery status, and reply content.

Usage data: Feature usage patterns, AI compose credit consumption, and login activity for security and product improvement.

Payment data: Billing information is collected and processed by our authorized payment provider. We do not store credit card numbers or bank details directly.

3. How We Use Your Data

We use your data to: provide and operate the Service; manage campaigns through your WhatsApp Business API connection; process AI composition requests; track campaign delivery and replies; manage billing and subscriptions; improve the product; and communicate with you about your account.

4. Data Sharing

We do not sell your data to third parties. We share data only with trusted service providers necessary to operate the platform, including authentication, payment processing, AI services (only the message text you choose to enhance — never your contact list), cloud storage, and database hosting. All providers are bound by their own privacy policies and data processing agreements.

5. Data Storage and Security

Data is stored in secure databases with SSL encryption in transit. Media files are stored with access-controlled URLs. We implement reasonable security measures including authentication, workspace isolation, and audit logging for administrative actions.

6. Data Retention

Your data is retained for as long as your account is active. Upon account deletion, your workspace data (contacts, messages, campaigns) is permanently deleted within 30 days. Billing records may be retained longer as required by tax and financial regulations.

7. Your Rights

Depending on your jurisdiction, you may have the right to: access your personal data; correct inaccurate data; delete your data; export your data in a portable format; restrict or object to certain processing; and withdraw consent at any time. To exercise these rights, contact us at privacy@whatsappreach.com.

8. International Data Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place for all international data transfers in compliance with applicable data protection laws.

9. GDPR Compliance

For EU/EEA users: our legal basis for processing is legitimate interest (providing the Service you requested) and contract performance. You may lodge a complaint with your local data protection authority.

10. POPIA Compliance

For South African users: we process personal information in accordance with the Protection of Personal Information Act (POPIA). You are the responsible party for the contact data you upload and manage through the Service. We act as an operator processing data on your behalf.

11. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. No third-party analytics cookies are placed without your consent.

12. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or in-app notice. Continued use of the Service after changes constitutes acceptance.

13. Contact

For privacy questions or data requests, contact us at privacy@whatsappreach.com.