Privacy Policy

Wap2b is operated by Octet Logic OPC Private Limited (“Wap2b”, “we”, “us”), a company registered in Hyderabad, India. This policy explains what personal data we collect when you use the service, how we use it, and the choices you have.

We act as a data controller for your account information and as a data processor for the message content you route through our platform to WhatsApp via Meta's WhatsApp Business Cloud API.

The minimum data needed to operate a prepaid-balance-gated WhatsApp messaging platform:

• Account: name, email, password hash, phone number, country of billing.
• WhatsApp profile metadata: business name, category, address, website, profile picture, and the Meta WABA / phone number identifiers returned to us during Embedded Signup.
• Contacts you add: phone number, name, email, group/subgroup assignment, opt-in / opt-out state and timestamps.
• Message metadata: sender profile, recipient phone number, template used, status (sent / delivered / read / failed), timestamps, amount charged, and an identifier returned by Meta for status webhook correlation.
• Balance transactions: Add Funds, debits, refunds, and balance-expiry forfeitures — each row is auditable and immutable.
• Technical: IP address, browser user-agent, session cookies. Used for security and abuse investigations.

We do not store message content beyond what is required to deliver the message to Meta and reconcile failures. We do not use your message content to train AI models.

• To operate the service: route your messages to Meta's WhatsApp Cloud API, deliver inbound webhooks to your account, and run AI assistant replies you have configured.
• To bill you accurately: balance debits, refunds for failed Meta calls, and the daily balance-expiry check.
• To send transactional emails: signup OTPs, password resets, account notifications, Add Funds receipts, and 30-day / 7-day balance-expiry reminders.
• To detect and investigate abuse, security incidents, or compliance issues related to Meta's WhatsApp Business Policy.

We share data only with the third parties we depend on to run the service:

• Meta / WhatsApp: message payloads needed to deliver each outbound message; webhook payloads for delivery status and inbound replies.
• Resend / Postmark / AWS SES: transactional email delivery.
• Razorpay: payment processing for Add Funds transactions. We never see or store full card numbers.
• Neon: our database host. Data is encrypted at rest and stored in the Asia-Pacific or EU region by default.

We do not sell your personal data to third parties. We do not use your contacts, messages, or templates to train AI models that benefit other customers. AI assistant replies that you enable use models you select; the prompts sent to those models are scoped to the conversation that triggered them.

Account data is retained for as long as your account is active. After account closure, account data is deleted within 30 days unless we are required to retain it for legal or statutory reasons.

Message metadata is retained for 12 months for billing dispute resolution, then archived. Balance transaction records (Add Funds, debits, refunds, balance-expiry forfeitures) are retained for 7 years in line with applicable tax and audit requirements.

You can request deletion of your account and associated data at any time by emailing support@octetlogictech.com.

• Access: request a copy of the personal data we hold about you.
• Correction: update inaccurate information from the dashboard or by emailing us.
• Deletion: request erasure of your account and associated data.
• Portability: export your contacts, templates, and message history in a machine-readable format.
• Withdraw consent: opt out of marketing emails at any time. Transactional emails (OTPs, billing) cannot be opted out of while your account is active.

We serve businesses globally — including India, the United States, the United Arab Emirates, the United Kingdom, Germany, Singapore, Nigeria, Brazil, and elsewhere. Personal data is stored in Neon's Asia-Pacific or EU region. Cross-border transfers for transactional email, payment processing, and Meta delivery happen under standard contractual safeguards.

If you are based in a region with specific data protection rights (GDPR, CCPA, DPDP Act, etc.), those rights apply to you and can be exercised by contacting us.

Privacy questions or requests: support@octetlogictech.com.

Postal address:
Octet Logic OPC Private Limited
#3-6-268, 2nd Floor, Reliable Business Chambers
Himayatnagar, Hyderabad, Telangana 500029
India