Privacy Policy

Effective Date: July 1, 2026 • Last Updated: July 7, 2026

1. Introduction

This Privacy Policy describes how Weservecodes Pvt Ltd(“Company”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal information when you use the SendyPlatform (“Platform” or “Service”).

We operate as a Business-to-Business (B2B) messaging infrastructure provider, facilitating programmatic message delivery through Meta’s WhatsApp Cloud API and the Telegram Bot API on behalf of our registered business clients.

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

We collect the following categories of information:

2.1 Account Registration Data

  • Full name of the account holder or business representative.
  • Business email address.
  • Business name and contact information.
  • Login credentials (password is stored in hashed/encrypted form only).

2.2 Platform Usage Data

  • API keys generated and their usage statistics.
  • Message transmission logs (recipient phone numbers, message content, delivery status, timestamps).
  • WhatsApp Business Account IDs (WABA IDs) and Meta App IDs.
  • Telegram Bot tokens and chat IDs.
  • Wallet balance and transaction history.
  • Subscription plan details.

2.3 Technical Data

  • IP addresses, browser type, and device information.
  • Access logs and session timestamps.
  • Webhook endpoint URLs configured by the client.

2.4 End-User Data (Processed on Behalf of Clients)

When our business clients use the Platform to send messages, we process the following end-user data solely as a data processor acting on behalf of our clients (data controllers):

  • Recipient phone numbers or Telegram chat IDs.
  • Message content (text, media URLs, template variables).
  • Delivery status and read receipts.

We do not independently collect, contact, or profile end-users. The responsibility for obtaining proper consent from end-users lies with our business clients as outlined in our Terms of Service.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To authenticate your API requests, route messages to Meta/Telegram servers, and deliver status updates via webhooks.
  • Account Management: To manage your account, process billing transactions, and provide customer support.
  • Analytics & Dashboards: To render message delivery statistics, usage metrics, and performance analytics on your dashboard.
  • Security: To detect, prevent, and respond to fraud, abuse, security incidents, and technical issues.
  • Compliance: To comply with legal obligations, enforce our Terms of Service, and respond to lawful requests from authorities.
  • Service Improvement: To analyze aggregate usage patterns (without identifying individual end-users) to improve Platform reliability and features.

4. Data Sharing & Disclosure

We do not sell, rent, trade, or share personal data with third-party advertisers, data brokers, or marketing networks.

We may share data only in the following limited circumstances:

  • Meta Platforms, Inc.: Message content and recipient data is transmitted to Meta’s WhatsApp Cloud API servers for message delivery. This data sharing is governed by Meta’s own privacy policies and data processing terms.
  • Telegram: Message content and chat IDs are transmitted to Telegram Bot API servers for delivery, governed by Telegram’s privacy policy.
  • Payment Processors: If applicable, billing information may be shared with PCI-compliant payment gateways to process wallet top-ups and subscription payments.
  • Legal Requirements: We may disclose data when required by law, regulation, legal process, or enforceable governmental request, or to protect the rights, property, or safety of the Company, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of the business assets, with prior notice to affected users.

5. Data Security

We implement industry-standard technical and organizational security measures to protect your data:

  • Encryption in Transit: All data transmitted between your systems and our Platform uses TLS 1.2/1.3 (HTTPS) encryption.
  • Encryption at Rest: Sensitive data including passwords and API keys are stored using industry-standard hashing (bcrypt) and encryption algorithms.
  • Access Controls: Role-based access control (RBAC) limits internal access to data on a need-to-know basis.
  • Infrastructure Security: Our servers are hosted on secure cloud infrastructure with firewalls, intrusion detection, and regular security audits.
  • API Authentication: All API requests require cryptographic key authentication with rate limiting to prevent abuse.

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

6. Data Retention

  • Account Data: Retained for the duration of your active account plus 90 days after account deletion to allow for recovery or dispute resolution.
  • Message Logs: Message metadata (recipient, status, timestamps) is retained for up to 90 days for analytics and troubleshooting purposes. Message content (body text) is purged within 30 days of successful delivery.
  • Billing Records: Transaction records are retained for a minimum of 7 years to comply with applicable financial and tax regulations.
  • Technical Logs: Server access logs and security audit trails are retained for up to 12 months.

You may request earlier deletion of your data at any time through our Data Deletion Policy.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: You may request a copy of the personal data we hold about you.
  • Right to Correction: You may request correction of inaccurate or incomplete personal data.
  • Right to Deletion: You may request the deletion of your personal data, subject to legal retention requirements. See our Data Deletion Policy.
  • Right to Restriction: You may request restriction of processing of your personal data under certain circumstances.
  • Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format.
  • Right to Object: You may object to processing of your personal data for specific purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at sales@weservecodes.com. We will respond to your request within 30 days.

8. Cookies & Tracking

The Platform uses essential cookies and local storage for authentication (session tokens/JWT) and user preference management. We do not use third-party advertising cookies or tracking pixels.

  • Session Cookies: Used to maintain your authenticated login state. These are essential for Platform functionality.
  • Local Storage: Used to store JWT authentication tokens and UI preferences on your device.

9. Children’s Privacy

The Platform is designed for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately so we can take appropriate action to delete such data.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States (where Meta’s servers are located) and other jurisdictions where our cloud infrastructure providers operate.

Where such transfers occur, we ensure appropriate safeguards are in place, including contractual obligations with our service providers to protect your data in accordance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to your registered address and/or a prominent notice on the Platform at least 15 days before the changes take effect.

The “Last Updated” date at the top of this page reflects the most recent revision. Your continued use of the Platform after any changes constitutes acceptance of the updated policy.

12. Grievance Officer

In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (India), the designated Grievance Officer for data-related concerns is:

  • Name: Weservecodes Pvt Ltd Data Protection Team
  • Email: sales@weservecodes.com
  • Phone: +91 99099 18020
  • Response Time: We aim to acknowledge all grievances within 48 hours and resolve them within 30 days.

13. Contact Us

For any questions or concerns about this Privacy Policy, please contact: