Privacy Policy

Summary Whacaster ("we", "us", "our") is a technology provider offering a WhatsApp Business API integration platform. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform at crm.whacaster.com.

1. Overview and Scope

This Privacy Policy applies to all users of the Whacaster platform, including business clients, their employees (agents), and end customers who interact via WhatsApp channels managed through our platform.

Whacaster operates as a data processor for our business clients (who are data controllers) in relation to their end customers' personal data. We also operate as a data controller for data collected directly from our registered clients.

2. Information We Collect

2.1 Account Registration Data

Full name and business name
Email address and phone number
Business address and industry type
WhatsApp Business Phone Number(s) registered to our platform
Meta Business Manager ID and WhatsApp Business Account (WABA) ID
Billing and payment information (processed by third-party payment providers)

2.2 Platform Usage Data

Login activity, IP addresses, and session data
Features accessed and actions taken on the platform
Device and browser information

2.3 WhatsApp Communication Data (Processed on Behalf of Clients)

Sender and recipient phone numbers
Message content, timestamps, and delivery status
Media files (images, documents, audio) sent or received
Contact information imported by our clients
Chatbot interaction logs

3. How We Use Your Information

Service Delivery: To operate, maintain, and improve the Whacaster platform.
Account Management: To create and manage your account and provide customer support.
WhatsApp API Integration: To facilitate message routing via the Meta WhatsApp Business API.
Billing: To process subscription payments and issue invoices.
Security: To detect, prevent, and address technical issues and fraud.
Legal Compliance: To comply with applicable laws and Meta's platform policies.

4. WhatsApp Business API Data Handling

Notice for WhatsApp End Users If you have communicated with a business using Whacaster, your messages are processed by our platform on behalf of that business. The business is responsible for obtaining your consent to communicate via WhatsApp.

As a WhatsApp Business API technology provider, we process WhatsApp message data solely to deliver our services. Specifically:

We do not read or analyze end-customer message content for our own purposes.
Message content is stored only for the period required to deliver the service.
We comply fully with Meta's Business Solution Provider Addendum.
All data is transmitted via encrypted connections (TLS 1.2 or higher).
We do not use WhatsApp message data to train AI models or for advertising.

We do not sell, rent, or trade your personal data. We may share data only in the following circumstances:

Meta Platforms, Inc.: As required to operate the WhatsApp Business API.
Service Providers: Trusted vendors assisting in platform operations (cloud hosting, payment processors). These vendors are contractually bound to protect your data.
Legal Requirements: If required by law, court order, or government authority.
Business Transfer: In the event of a merger or acquisition, you will be notified.

6. Data Retention

Account data: Retained for the duration of your active subscription plus 12 months after termination.
Message data: Retained for a maximum of 12 months unless required longer by law.
Billing records: Retained for 7 years as required by Indonesian tax regulations.
System logs: Retained for 90 days.

7. Security Measures

TLS encryption for all data in transit
AES-256 encryption for sensitive data at rest
Role-based access controls for agents and administrators
Regular security audits and vulnerability assessments
Multi-factor authentication options for account access
Server infrastructure hosted in ISO 27001-certified data centers

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data, and to withdraw consent or object to certain processing. To exercise these rights, contact us at privacy@whacaster.com. We will respond within 30 days.

9. Cookies and Tracking Technologies

We use cookies to maintain login sessions, analyze platform usage, and prevent fraud. We do not use third-party advertising cookies. You can control cookies through your browser settings, though disabling certain cookies may limit platform functionality.

10. Children's Privacy

Our platform is intended for business use only and is not directed to individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes via email and update the "Last Updated" date at the top of this page.