WhatsiBox

Privacy Policy

Last updated: March 24, 2026

1. Introduction

WhatsiBox ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WhatsApp Business Platform service ("Service"). Please read this policy carefully. By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect your name, email address, company name, and password. If you sign up via Facebook/Meta, we receive your profile information as authorized during the OAuth flow.

2.2 Business Data

We store the business data you provide and generate through the Service, including: contact lists and their details (names, phone numbers, emails), message content and history, campaign data and analytics, template content, group and segment information, and custom field data.

2.3 WhatsApp Integration Data

When you connect your WhatsApp Business Account, we store your WhatsApp API credentials (Phone Number ID, Access Token, Business Account ID), webhook data including incoming and outgoing message metadata, and delivery status updates.

2.4 Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, IP address, browser type, and device information.

2.5 Payment Information

Payment processing is handled by our third-party payment processor. We do not directly store your credit card or banking details. We retain transaction records including plan name, amount, and payment status.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Providing, operating, and maintaining the Service
  • Processing your WhatsApp messages and campaigns
  • Managing your account and subscription
  • Sending administrative communications (account notifications, billing alerts)
  • Providing customer support
  • Analyzing usage patterns to improve the Service
  • Detecting, preventing, and addressing technical issues and abuse
  • Complying with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

  • With Meta/WhatsApp: Message data is transmitted through the WhatsApp Cloud API as necessary to deliver your messages
  • Payment Processors: Transaction data is shared with our payment gateway (Cashfree) to process payments
  • Service Providers: We may use third-party services for hosting, analytics, and email delivery that process data on our behalf
  • Legal Requirements: We may disclose information if required by law, court order, or governmental authority
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred

5. Data Security

We implement industry-standard security measures to protect your data, including encryption of data in transit (TLS/SSL), secure storage of credentials and tokens, password hashing using bcrypt, role-based access controls, and regular security audits. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Message data is retained according to your plan settings. After account deletion, we will delete or anonymize your data within 90 days, except where we are required to retain it by law. Backup data may persist for up to an additional 30 days.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Export: Request an export of your data in a machine-readable format
  • Restriction: Request restriction of processing your data
  • Objection: Object to processing of your personal data

To exercise these rights, please contact us at [email protected].

8. Cookies and Tracking

We use essential cookies for authentication and session management. We may use analytics cookies to understand usage patterns. You can control cookie preferences through your browser settings. The Service does not respond to Do Not Track signals.

9. Third-Party Services

The Service integrates with third-party services including Meta/WhatsApp (for messaging), Facebook (for Embedded Signup authentication), and payment processors. These services have their own privacy policies, and we encourage you to review them. We are not responsible for the privacy practices of these third-party services.

10. Children's Privacy

The Service is not intended for use by children under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child, we will take steps to delete that information.

11. International Data Transfers

Your data may be transferred to and maintained on servers located outside your country. By using the Service, you consent to the transfer of your data to other countries where data protection laws may differ from those in your jurisdiction.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on the Service and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

13. Data Deletion Instructions

You can request deletion of your data in one of the following ways:

  • Via Facebook: Remove WhatsiBox from your connected apps in Facebook Settings. We will automatically receive and process your deletion request.
  • Via our Data Deletion page: Visit our Data Deletion Request page to check the status of your request or learn how to submit one.
  • Via email: Send a request to [email protected] with your account email address.

We will process deletion requests within 30 days. Some data may be retained as required by law or for legitimate business purposes (e.g., billing records).

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: