COMPLIANCE POLICY

COMPLIANCE POLICY – THATSAPI(Messaging Solutions) Last Updated: 17/12/2025 This Compliance Policy explains the legal, regulatory, and platform-specific requirements that all users (“You”, “Your”, “User”) must follow when using thatsapi.com (“Company”, “We”, “Us”, “Our”). The Policy ensures adherence to Indian laws, Meta WhatsApp Business API policies, and global communication standards. By using THATSAPI services, you agree to comply with all terms described below. --------------------------------------------------------------------- 1. PURPOSE OF THIS POLICY • To maintain a lawful, secure, and responsible messaging environment • To ensure all users comply with Indian legal requirements • To meet Meta WhatsApp Business API rules and communication standards • To prevent misuse, fraud, and unauthorized activities • To protect user data, privacy, and platform integrity --------------------------------------------------------------------- 2. APPLICABLE LAWS AND REGULATIONS All users must comply with the following: • Information Technology Act (IT Act) 2000 • Digital Personal Data Protection (DPDP) Act 2023 • Indian Contract Act 1872 • CERT-IN Cybersecurity Guidelines • RBI and Government of India digital communication norms • Applicable state and central laws relating to business communication Failure to comply may result in legal action or platform suspension. --------------------------------------------------------------------- 3. META WHATSAPP BUSINESS API COMPLIANCE Users must strictly follow: • WhatsApp Business Policy • WhatsApp Commerce Policy • WhatsApp Messaging Rules • Template Approval Guidelines • Opt-in and Opt-out compliance • Quality Rating Requirements Meta may restrict or suspend WhatsApp numbers for violations. THATSAPI is not responsible for enforcement actions taken by Meta. --------------------------------------------------------------------- 4. USER COMPLIANCE RESPONSIBILITIES Users agree to: • Send messages only to opt-in customers • Maintain proof of consent • Use lawful, accurate, and compliant message content • Follow restrictions on promotional and automated messaging • Use approved templates for marketing • Immediately stop messaging when users request opt-out • Maintain up-to-date business information • Complete KYC verification when required • Protect sensitive customer data Users are fully responsible for ensuring their activities comply with all relevant laws and policies. --------------------------------------------------------------------- 5. PROHIBITED ACTIVITIES The following activities are strictly prohibited under this Compliance Policy: • Spam or unsolicited messaging • Messaging non-consenting users • Using purchased, scraped, or illegally collected contact lists • Fraudulent, misleading, or deceptive communication • Loan scams, job scams, investment scams • Cryptocurrency trading, MLM, pyramid schemes • Adult content, obscene or explicit material • Political or religious propaganda • Hate speech, violence, harassment, or extremist content • Promotion of illegal products or services • Impersonation of brands or government entities • Violating WhatsApp template or content rules • Any activity violating Indian law or Meta policy Any violation may result in immediate and permanent account termination. --------------------------------------------------------------------- 6. DATA PROTECTION AND PRIVACY COMPLIANCE Users must comply with: • DPDP Act 2023 • IT Act 2000 (Section 43A and 72A) • Reasonable Security Practices under IT Rules 2011 • Consent-based communication practices User responsibilities include: • Obtaining valid consent before messaging • Protecting personal data of customers • Avoiding unauthorized sharing or selling of contact lists • Reporting data breaches immediately THATSAPI is not responsible for user-level data misuse. --------------------------------------------------------------------- 7. SECURITY COMPLIANCE Users must: • Protect login credentials and API keys • Avoid unauthorized integrations or scripts • Follow best practices for secure API usage • Not attempt to hack, bypass, or disrupt the system THATSAPI may suspend accounts with suspicious activity for investigation. --------------------------------------------------------------------- 8. INDUSTRY-SPECIFIC COMPLIANCE Users operating in regulated industries must comply with additional rules: • Banking, finance, and NBFC: RBI communication guidelines • Healthcare: restrictions on sensitive medical information • E-commerce: Consumer Protection Act requirements • Education: Restrictions on minors and sensitive data Users are responsible for industry-specific compliance. --------------------------------------------------------------------- 9. PLATFORM MONITORING & ENFORCEMENT THATSAPI monitors: • Quality rating • Complaint rates • Content policy violations • Opt-in compliance • API usage patterns • Suspicious or illegal activity Possible enforcement actions: • Warning • Temporary suspension • Permanent account termination • Revocation of WhatsApp API access • Reporting to Meta • Reporting to law enforcement • Loss of credits or subscription without refund --------------------------------------------------------------------- 10. AUDITS AND VERIFICATION • THATSAPI may conduct internal audits of user activity. • Users may be requested to submit proof of consent or business documents. • Failure to provide documentation may result in suspension. --------------------------------------------------------------------- 11. NON-COMPLIANCE AND PENALTIES Violations may result in: • Suspension of account • Termination without refund • API access revocation • Removal of WhatsApp Business access • Legal consequences under Indian law • Blacklisting from the platform --------------------------------------------------------------------- 12. POLICY UPDATES • THATSAPI may update this Compliance Policy at any time. • Updates will be posted with a new “Last Updated” date. • Continued use of THATSAPI services indicates acceptance. --------------------------------------------------------------------- 13. CONTACT INFORMATION For compliance questions or reports: Support Email: info@invotechlabs.com Website: https://www.thatsapi.com Phone: +91 9658896488 --------------------------------------------------------------------- By using THATSAPI services, you acknowledge and agree to follow this Compliance Policy.