Privacy Policy
Privacy Policy
Last updated: 2026-07-11
This privacy policy applies to the website, products and services offered under the brand WAAPI, operated by WAAPI (“we”, “us”, “our”). By accessing or using our services you agree to this privacy policy. If you do not agree, please discontinue use of the services.
1. Data we collect
- Account data — name, business name, email address, phone number, billing details.
- Service data — contacts, messages, templates, media and settings you store or transmit through the platform. You are the controller of this data; we process it on your instructions.
- Technical data — IP address, device and browser information, usage logs and cookies (see our Cookies Policy).
2. How we use data
We use personal data to provide and secure the services, process payments, provide support, meet legal obligations, prevent abuse, and — with your consent where required — send service and marketing communications. We do not sell personal data.
3. Legal bases
Where the GDPR applies we rely on contract performance, legitimate interests (service security and improvement), consent (marketing, cookies) and legal obligation. For India, processing follows the DPDP Act, 2023 on the basis of consent and legitimate uses.
4. Sharing
Data is shared only with: (a) processors we use to run the platform (hosting, payment gateways, messaging channels such as the WhatsApp Business Platform); (b) authorities where the law requires; (c) successors in a business transfer. All processors are bound by data-processing terms.
5. International transfers
Data may be processed in data centres outside your country. Where required we use appropriate safeguards such as standard contractual clauses.
6. Retention
Account data is kept for the life of the account and as required for tax/legal record-keeping thereafter. Message and log data is retained per the platform’s documented retention windows, after which it is deleted or anonymised.
7. Your rights
Subject to applicable law you may access, correct, export or delete your personal data, withdraw consent, or object to certain processing. Indian users may exercise DPDP Act rights including grievance redressal (see our Grievance Redressal Policy); EU/UK users may lodge complaints with their supervisory authority; California residents have CCPA rights including non-discrimination.
8. Children
The services are for business use and not directed to children under 18. We do not knowingly collect children’s data.
9. Security
See our Data Security Policy for how data is protected.
Governing law & jurisdiction
This document is governed by the laws of India. For operators in India this includes the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Consumer Protection Act, 2019. Where we serve customers in other jurisdictions, we honour applicable local requirements including the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) to the extent they apply. Courts at our registered place of business have exclusive jurisdiction, subject to any non-waivable consumer rights in your country of residence.
Contact us
WAAPI is operated by WAAPI. For any questions about this document, contact us:
- Please use the contact options published on this website.