đ 1. Overview
Welcome to Wafity ("we", "our", or "us"). Wafity is a WhatsApp Cloud API-based messaging platform that enables businesses to send campaigns, automate conversations, and manage customer interactions via WhatsApp.
This Privacy Policy applies to all users of our website at wafity.com and our platform at dashboard.wafity.com. By using Wafity, you agree to the collection and use of information in accordance with this policy.
Important: Wafity operates on Meta's Official WhatsApp Cloud API. This means your WhatsApp Business account, phone number, and messaging activity are also governed by Meta's Business Policy and WhatsApp's Privacy Policy.
đ 2. Data We Collect
We collect different types of information depending on how you interact with Wafity.
2.1 Account & Registration Data
When you create a Wafity account, we collect:
- Full name and email address
- Company name and business details
- Password (stored in encrypted form)
- Billing and payment information (processed securely via our payment provider)
- WhatsApp Business Account ID and associated phone numbers you connect to Wafity
2.2 Usage & Platform Data
As you use the Wafity platform, we collect:
- Campaign names, message templates, and content you create
- Contact lists and phone numbers you upload or manage
- Chat conversations handled through the Wafity inbox
- Flow Maker configurations and chatbot logic you build
- Reminder and scheduling configurations
- Feature usage patterns and in-app activity logs
2.3 Technical & Device Data
We automatically collect certain technical information when you access our platform:
- IP address and approximate location (country/city level)
- Browser type and version
- Operating system
- Pages visited and time spent on the platform
- Referring URLs
- Session identifiers and access timestamps
2.4 Contact Form Data
When you submit our contact form at wafity.com, we collect your name, email address, company, and the content of your message.
2.5 End-User Data (Your Customers)
When you use Wafity to message your customers via WhatsApp, we process data about your end users (phone numbers, message content, delivery and read status) on your behalf. You are the data controller for this data; we act as the data processor.
You are responsible for ensuring you have the lawful right to contact your customers on WhatsApp and that you comply with applicable data protection laws when uploading contact lists to Wafity.
âī¸ 3. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Providing the Wafity platform and its features | Account data, usage data | Contract performance |
| Processing payments and managing subscriptions | Billing data, email | Contract performance |
| Sending transactional emails (receipts, alerts, password resets) | Email address | Contract performance |
| Customer support and responding to inquiries | Contact form data, account data | Legitimate interest |
| Platform security, fraud prevention, and abuse detection | Technical data, usage logs | Legitimate interest |
| Product analytics and improving platform features | Usage data, technical data | Legitimate interest |
| Sending product updates and marketing communications | Email address | Consent (opt-out anytime) |
| Legal compliance and enforcing our terms | All relevant data | Legal obligation |
đŦ 4. WhatsApp & Meta
Wafity is built exclusively on the Official WhatsApp Cloud API provided by Meta Platforms, Inc. This means:
- All WhatsApp messages sent through Wafity are transmitted via Meta's infrastructure.
- Your WhatsApp Business Account credentials (phone number, WABA ID, access token) are stored securely and used solely to authenticate API requests on your behalf.
- Message delivery, read receipts, and conversation data flow between your account and Meta's servers. We do not intercept or modify this communication.
- Meta may retain message metadata and content in accordance with their own privacy policy. We encourage you to review WhatsApp's Privacy Policy.
- WhatsApp message costs are billed directly by Meta to your Meta Business account. Wafity does not have access to your Meta payment details.
We never store the plaintext content of WhatsApp messages on our servers beyond what is necessary to display them in the Wafity inbox and generate analytics. Message content in the inbox is encrypted at rest.
đ¤ 5. AI & Third-Party Services
Wafity integrates with several third-party services to deliver AI-powered features. When you use these features, relevant data may be transmitted to these providers:
5.1 OpenAI
AI features including message translation, chat summarization, message style rewriting, AI chatbots, and LLM Flow Maker nodes are powered by OpenAI's API. When you use these features, the relevant message content or prompt is sent to OpenAI for processing. OpenAI processes this data in accordance with their Privacy Policy. We use OpenAI's API in a manner that does not allow OpenAI to use your data to train their models by default (API usage is excluded from training data per OpenAI's policy).
5.2 Voiceflow
If you use the Voiceflow integration, your AI agent configurations and conversation data may be processed by Voiceflow's platform. Please refer to Voiceflow's Privacy Policy for details.
5.3 Other Integrations
Wafity supports integrations with third-party services via REST API and Webhooks (including Slack, Google, Shopify, and others). When you configure these integrations, data flows between Wafity and those services based on your configuration. We are not responsible for the privacy practices of third-party services you choose to integrate.
5.4 Analytics & Infrastructure
- Amazon Web Services (AWS): Our platform infrastructure is hosted on AWS. Data may be stored in AWS data centers.
- Payment Processor: Payment information is handled by our payment provider and is never stored on Wafity's servers in plaintext.
đĒ 6. Cookies
We use cookies and similar tracking technologies on our website and platform. Here is what we use:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for login sessions, authentication, and platform functionality. Cannot be disabled. | Session / 30 days |
| Preference | Remember your settings and preferences within the platform (e.g., language, UI layout). | 1 year |
| Analytics | Help us understand how users interact with the platform so we can improve it. Data is aggregated and anonymized. | 90 days |
| Marketing | Used on the marketing website (wafity.com) to measure campaign effectiveness. You can opt out. | 30â90 days |
You can control cookie preferences through your browser settings. Disabling essential cookies may impact platform functionality.
đ¤ 7. Data Sharing
We do not sell your personal data. We do not share your data with third parties for their own marketing purposes. We may share data in the following limited circumstances:
- Service Providers: We share data with trusted vendors who help us operate Wafity (hosting, payment processing, email delivery, analytics). These providers are contractually bound to protect your data and use it only for the services they provide to us.
- AI Providers: As described in Section 5, certain data is processed by OpenAI and other AI providers when you use AI features.
- Meta / WhatsApp: As described in Section 4, messaging data is transmitted via Meta's WhatsApp Cloud API infrastructure.
- Legal Requirements: We may disclose data if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of Wafity, our users, or the public.
- Business Transfers: If Wafity is acquired, merged, or sold, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.
đī¸ 8. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:
- Account data is retained for the duration of your subscription and for up to 90 days after account deletion, after which it is permanently removed.
- Message and conversation data is retained for the duration of your subscription. You may delete conversations from the inbox at any time.
- Contact lists are retained until you delete them or close your account.
- Campaign and analytics data is retained for up to 24 months to allow historical reporting.
- Billing records are retained for up to 7 years as required by applicable tax and financial regulations.
- Logs and technical data are retained for up to 12 months for security and debugging purposes.
đ 9. Security
We take the security of your data seriously and implement appropriate technical and organisational measures to protect it, including:
- Encryption of data in transit using TLS/HTTPS
- Encryption of sensitive data at rest
- Strict access controls and role-based permissions within our team
- Regular security assessments and vulnerability testing
- Secure credential storage using industry-standard hashing
- Infrastructure hosted on AWS with enterprise-grade security controls
While we strive to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to use a strong password and to contact us immediately if you suspect unauthorised access to your account.
â 10. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your personal data (subject to legal retention obligations).
- Right to Restriction: Request that we restrict processing of your data in certain circumstances.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing of your data where we rely on legitimate interests.
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent (e.g., marketing emails).
To exercise any of these rights, please contact us at privacy@wafity.com. We will respond within 30 days. We may need to verify your identity before processing your request.
đļ 11. Children's Privacy
Wafity is a business-to-business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete it.
đ 12. Policy Changes
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify registered users via email at least 14 days before the changes take effect
- Display a prominent notice on the platform dashboard
Continued use of Wafity after changes take effect constitutes your acceptance of the updated policy. We encourage you to review this page periodically.
đŠ 13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:
Privacy Team â Wafity
We take all privacy inquiries seriously and aim to respond within 30 days.
đ§ Email: privacy@wafity.com
đ Website: wafity.com
đŦ Dashboard: dashboard.wafity.com