User Privacy

PRIVACY POLICY – thatsapi.com Last Updated: 17/12/2025 This Privacy Policy explains how thatsapi.com (“Company”, “We”, “Us”, “Our”) collects, processes, stores, protects, and uses personal information in compliance with Indian laws and Meta WhatsApp Business API requirements. This Policy follows: • Digital Personal Data Protection (DPDP) Act 2023 • Information Technology Act (IT Act) 2000 • Information Technology (Reasonable Security Practices and Procedures) Rules, 2011 • CERT-IN Guidelines • Meta WhatsApp Business API, Commerce, and Messaging Policies • International data protection standards By accessing or using our services, you agree to the terms described in this Privacy Policy. --------------------------------------------------------------------- 1. INTRODUCTION • THATSAPI (Messaging Solutions) is committed to protecting user privacy. • This Privacy Policy outlines how we collect, process, use, and safeguard personal data when you use our Meta-verified WhatsApp Business API and Messaging Solutions. • We operate strictly as a technology service provider. Users are solely responsible for the content they send, contacts they upload, and data they process. • The Company does not monitor, control, or influence user messages, campaigns, or contact lists. --------------------------------------------------------------------- 2. INFORMATION WE COLLECT A. User Data • Name • Email address • Mobile number • WhatsApp number • Business name and documents (KYC) • Billing information and payment details B. Usage Data • IP address • Device information • Browser metadata • Login logs and session data • API usage logs • Webhook logs • Technical data required for analytics, performance improvement, and security monitoring C. End-User Data • Users are solely responsible for obtaining valid consent from their customers before sending messages via WhatsApp. • THATSAPI does not access, store, or control end-user conversation content. D. WhatsApp Business API Information • Template usage and approval data • Phone number quality rating • WABA account events • Messaging performance metrics We do not store WhatsApp message content except for temporary debugging when explicitly permitted and automatically deleted thereafter. --------------------------------------------------------------------- 3. PURPOSE OF DATA USAGE We process data for the following purposes: • Delivering, maintaining, and improving WhatsApp Business API services • Verifying user identity and business credentials • Ensuring compliance with Meta policies and Indian regulations • Enhancing security, preventing fraud, and monitoring system integrity • Providing customer support and service updates • Processing billing, payments, and subscriptions • Debugging, analytics, and performance optimization • Satisfying legal obligations and regulatory requirements THATSAPI does not use data for advertising or selling to third parties. --------------------------------------------------------------------- 4. WHAT WE NEVER DO • We do not sell, rent, or trade user data. • We do not store or read WhatsApp message content. • We do not share data with unauthorized third parties. • We do not access customer contact lists without user permission. • We do not store sensitive personal conversations. • We do not track users outside our platform. --------------------------------------------------------------------- 5. DATA SHARING Limited data sharing may occur only with: • Meta Platforms Inc. (for WhatsApp API operations) • Third-party service providers such as hosting, cloud servers, and firewalls • Payment gateways (Razorpay, Stripe, etc.) • Security and anti-fraud systems operating under strict agreements • Government or law enforcement authorities, only when legally mandated THATSAPI never voluntarily discloses user data without official legal requirements. --------------------------------------------------------------------- 6. DATA SECURITY We use industry-standard security practices to safeguard personal information: • 256-bit encryption • SSL/TLS secure communication • Multi-layer firewalls and intrusion detection • Brute-force and bot mitigation systems • API rate-limiting and DDoS protection • Encrypted backups • Strict role-based access control • Regular security audits and monitoring Users are responsible for protecting their login credentials, API keys, and authentication devices. --------------------------------------------------------------------- 7. DATA RETENTION We retain personal data only for as long as necessary to: • Provide services efficiently • Fulfill legal, financial, and regulatory obligations • Resolve disputes and enforce agreements Retention timelines: • API logs: 90 days • Login logs: 180 days • Billing data: 7 years (mandatory under Indian law) • Debug logs: auto-deleted within 7 days Users may request data deletion unless retention is required for legal purposes. --------------------------------------------------------------------- 8. USER RIGHTS Under Indian law, users have the right to: • Access their personal data • Request correction or updates • Request deletion (subject to legal limitations) • Withdraw consent • Request data portability • Raise privacy grievances Users may exercise their rights by contacting our Support Team. --------------------------------------------------------------------- 9. USER RESPONSIBILITIES Users must: • Follow Meta WhatsApp Business and Commerce Policies • Follow DPDP Act 2023 and IT Act 2000 • Use only consent-based contacts • Avoid sending spam, fraud, harmful, or prohibited content • Avoid uploading purchased or scraped databases • Ensure accurate business information and documentation • Maintain compliance with all applicable laws THATSAPI is not liable for user policy violations. --------------------------------------------------------------------- 10. POLICY UPDATES • THATSAPI may update this Privacy Policy to reflect legal changes, Meta policy updates, or service improvements. • Significant changes will be communicated via email or platform notification. • Continued usage indicates acceptance of revised terms. --------------------------------------------------------------------- 11. CONTACT INFORMATION For questions, concerns, or privacy-related requests, contact: Support Email: info@invotechlabs.com Website: https://www.thatsapi.com Phone: +91 9658896488 Grievance Officer: Sukhpal Saini Address: HR, India --------------------------------------------------------------------- 12. FINAL LEGAL PROTECTION CLAUSE • THATSAPI is a technology provider, not the sender of messages. • All responsibility for message content, compliance, and lawful use lies solely with the user. • THATSAPI is not responsible for misuse, illegal campaigns, user-generated content, WhatsApp restrictions, or damages arising from user actions. • Using THATSAPI means the user fully accepts all protections, disclaimers, and limitations stated in this Privacy Policy.