Privacy Policy

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, phone number, company name, and password
• WhatsApp Business Account Credentials: WhatsApp Business Account ID, Phone Number ID, and Access Token
• Contact Data: Contact lists you upload or import (names, phone numbers, and any custom fields)
• Message Content: Templates, campaigns, and messages you create and send through our platform
• Payment Information: Billing address and payment method details (processed securely through third-party payment processors)
• Support Communications: Information you provide when contacting customer support

1.2 Information Collected Automatically

When you use our Service, we automatically collect certain information:

• Device Information: Device type, operating system, unique device identifiers, mobile network information
• Usage Data: Features used, pages viewed, time spent, click patterns, and interaction data
• Log Data: IP address, browser type, access times, pages viewed, and referring URLs
• Location Data: Approximate location based on IP address (not precise GPS location)
• Cookies and Similar Technologies: Data collected through cookies, web beacons, and similar tracking technologies

1.3 Information from Third Parties

We may receive information from third-party sources:

• WhatsApp Cloud API: Message delivery status, read receipts, and webhook data
• Analytics Providers: Usage statistics and performance metrics
• Advertising Partners: Ad performance and attribution data (Google Mobile Ads)

We use the collected information for various purposes:

2.1 Service Provision

• Create and manage your account
• Process and deliver WhatsApp messages through the WhatsApp Cloud API
• Store and manage your contacts, templates, and campaigns
• Provide customer support and respond to inquiries
• Send service-related notifications and updates

2.2 Service Improvement

• Analyze usage patterns to improve our platform
• Develop new features and functionality
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues

2.3 Communication

• Send you technical notices, updates, security alerts
• Provide customer service and support
• Send marketing communications (with your consent)
• Respond to your comments and questions

2.4 Legal and Security

• Comply with legal obligations and law enforcement requests
• Protect against fraud, abuse, and security risks
• Enforce our Terms of Service and other policies
• Protect the rights, property, and safety of Zonnex, our users, and the public

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share data with third-party service providers who perform services on our behalf:

• Meta/WhatsApp: To send messages through WhatsApp Cloud API
• Cloud Hosting: To store and process data securely
• Analytics Services: To understand usage patterns (Google Analytics, Firebase)
• Advertising Networks: To display ads (Google Mobile Ads)
• Payment Processors: To process payments securely

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Government or regulatory requests
• Protection of our legal rights
• Investigation of potential violations
• Protection of safety of users or the public

3.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

3.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

We implement appropriate technical and organizational security measures to protect your personal information:

4.1 Technical Measures

• Encryption: Data in transit is encrypted using TLS/SSL protocols
• Secure Storage: Data at rest is encrypted using industry-standard encryption
• Access Controls: Role-based access controls and authentication mechanisms
• Secure APIs: API authentication using secure tokens and credentials
• Regular Security Audits: Periodic security assessments and vulnerability testing

4.2 Organizational Measures

• Limited access to personal data on a need-to-know basis
• Employee training on data protection and security
• Confidentiality agreements with employees and contractors
• Incident response procedures for data breaches

Depending on your location, you may have certain rights regarding your personal information:

5.1 Access and Portability

• Request access to your personal information
• Receive a copy of your data in a structured, machine-readable format
• Export your contacts, templates, and campaign data

5.2 Correction and Update

• Update your account information through the app settings
• Correct inaccurate or incomplete data
• Request correction of errors in your personal information

5.3 Deletion

• Delete your account and associated data through app settings
• Request deletion of specific personal information
• Right to be forgotten (subject to legal retention requirements)

5.4 Objection and Restriction

• Object to processing of your personal information
• Restrict certain processing activities
• Opt-out of marketing communications
• Disable push notifications in app settings

5.5 Withdraw Consent

Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing before withdrawal.

5.6 Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, workplace, or where an alleged infringement occurred.

We use cookies and similar tracking technologies to track activity on our Service and store certain information.

6.1 Types of Cookies We Use

• Essential Cookies: Required for the Service to function properly (authentication, security)
• Analytics Cookies: Help us understand how users interact with our Service (Google Analytics, Firebase)
• Advertising Cookies: Used to deliver relevant ads (Google Mobile Ads)
• Preference Cookies: Remember your settings and preferences

6.2 Managing Cookies

You can control cookies through:

• Browser settings (most browsers allow you to refuse cookies)
• Mobile device settings (limit ad tracking, reset advertising ID)
• Third-party opt-out tools (Google Ads Settings, Network Advertising Initiative)

Note: Disabling certain cookies may limit your ability to use some features of our Service.

Our Service integrates with and relies on third-party services. We are not responsible for the privacy practices of these third parties.

7.1 Key Third-Party Services

• WhatsApp Cloud API (Meta): For sending and receiving WhatsApp messages
  WhatsApp Privacy Policy →
• Firebase (Google): For push notifications and analytics
  Firebase Privacy Policy →
• Google Mobile Ads: For displaying advertisements
  Google Privacy Policy →

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

8.1 Safeguards

When we transfer personal data internationally, we implement appropriate safeguards:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by relevant data protection authorities
• Privacy Shield frameworks (where applicable)
• Binding corporate rules and codes of conduct

8.2 EU-US and Swiss-US Data Transfers

For transfers from the European Economic Area (EEA) or Switzerland to the United States, we comply with applicable legal frameworks and implement appropriate safeguards to protect your personal information.

Our Service is not intended for children under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

10.1 Retention Periods

• Account Data: Retained while your account is active and for 90 days after deletion
• Message Data: Retained for 90 days or as configured in your settings
• Contact Data: Retained until you delete contacts or close your account
• Analytics Data: Aggregated and anonymized data may be retained indefinitely
• Legal/Compliance Data: Retained as required by applicable laws and regulations

10.2 Deletion

When we no longer need your personal information, we will securely delete or anonymize it. You can request deletion of your account and data at any time through the app settings or by contacting us.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

11.1 Notification of Changes

When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this policy
• Send you a notification through the app or via email
• Display a prominent notice on our website
• Request your consent if required by applicable law

11.2 Your Acceptance

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree with the changes, you should discontinue use of the Service and delete your account.