Privacy Policy
Effective Date: 19 May 2026
Last Updated: 19 May 2026
App Name: BizMitra Solutions - WhatsApp API Solutions
Operating Entity: BizMitra Solutions, Bangalore, Karnataka, India
Website: https://wa.bizmitrasolutions.in
1. Introduction and Scope
BizMitra Solutions ("we", "us", "our") provides WhatsApp Business API solutions, including messaging, automation, CRM integration, and related services through our platform at https://wa.bizmitrasolutions.in.
This Privacy Policy explains how we collect, use, share, and protect data when businesses use our WhatsApp API Solutions. We are a Meta Tech Provider and operate in compliance with Meta Platform Terms, WhatsApp Business Terms of Service, WhatsApp Business Messaging Policy, and applicable data protection laws including the Digital Personal Data Protection Act, 2023 (India) and GDPR.
By using our WhatsApp API Solutions, you agree to this policy.
2. Information We Collect
We collect 3 categories of data to provide our services:
A. Business Account Data
We collect: Company name, contact person, email, phone, billing address, GST/PAN, login credentials, WABA ID.
We collect this to: Create accounts, deliver service, handle billing, provide support, and meet Meta compliance requirements.
B. Platform Usage Data
We collect: IP address, browser type, device ID, log files, cookies, feature usage, API call logs.
We collect this to: Secure the platform, debug issues, monitor performance, and prevent abuse.
C. End-User Message Data
We collect: Phone numbers, message content, media attachments, timestamps, delivery and read receipts processed via WhatsApp API.
We collect this to: Transmit messages via Meta’s WhatsApp Business Platform on your behalf. BizMitra Solutions acts as a Data Processor/Tech Provider. You are the Data Controller.
WhatsApp API Specific Note: We do not read, store, or analyze message content unless required for technical support, compliance audits, or with your explicit written request. All messages are processed through Meta’s infrastructure per WhatsApp’s end-to-end encryption standards.
3. How We Use Data
Service Delivery: To provision WhatsApp API access, phone number onboarding, message routing, and webhook management.
Support & Communication: To respond to support tickets, send service alerts, policy updates, invoices, and compliance notices.
Compliance & Monitoring: To monitor usage for adherence to WhatsApp Business Messaging Policy, prevent spam, and meet Meta Tech Provider requirements.
Platform Improvement: To analyze aggregated, anonymized usage data to improve reliability, uptime, and features.
Legal Obligations: To comply with applicable laws, Meta Platform Terms, and valid law enforcement requests.
We do not use WhatsApp message content for advertising, marketing profiling, or AI training.
4. Legal Basis & Your Responsibilities as a Business
If you use BizMitra Solutions to message customers on WhatsApp:
You confirm you have obtained all necessary opt-ins and consents from end-users as required by WhatsApp Business Messaging Policy and local laws.
You must maintain your own privacy policy and inform your end-users that their data will be processed via WhatsApp and BizMitra Solutions.
BizMitra Solutions processes end-user data strictly on your documented instructions as a Tech Provider under Meta’s terms.
5. Data Sharing & Disclosure
We do not sell, rent, or trade personal data. Data is shared only in these cases:
With Meta Platforms, Inc.: To route messages via WhatsApp Business Platform APIs. Governed by Meta Platform Terms and Data Processing Terms.
With Cloud Infrastructure Providers like AWS/Mumbai Region: For secure hosting, storage, and backups. Protected by Data Processing Agreements, encryption at rest, and access logs.
With Payment Processors like Razorpay: To process subscription fees. These providers are PCI-DSS compliant. We do not store card data.
With Legal Authorities: To comply with law, court order, or to protect rights and safety. We share data only after verifying the legal validity of the request.
6. Data Security
Encryption: All data in transit uses TLS 1.2 or higher. All data at rest uses AES-256 encryption.
Access Control: We use role-based access for staff, enforce 2FA, and maintain full audit logs.
Meta Compliance: We meet Meta’s Tech Provider security requirements, including annual assessments.
Breach Notification: We will notify you and relevant authorities within 72 hours of becoming aware of any data breach affecting personal data.
You are responsible for securing your API keys, Meta Business Manager access, and employee credentials.
7. Data Retention
Business Account Data: Retained while your account is active and for 90 days after closure for billing and legal purposes.
Message Metadata: Delivery/read receipts and timestamps are retained 30 days for debugging.
Message Content: Not stored by default. If you enable chat history features, retention is per your plan, with a maximum of 180 days.
Legal Holds: Data may be retained longer if required by law or an ongoing dispute.
8. Your Privacy Rights
You may request to access, correct, delete, or export your business account data by emailing support@bizmitrasolutions.in. We will respond within 30 days.
End-users who receive WhatsApp messages from you should submit data requests to you directly. BizMitra Solutions will assist you in fulfilling valid requests related to data we process.
9. International Data Transfers
We primarily store data in India. When data is transferred to Meta in the US or Singapore for WhatsApp message delivery, we rely on Standard Contractual Clauses and comply with DPDP Act 2023 requirements for cross-border transfers.
10. Children’s Privacy
Our services are intended for businesses. We do not knowingly collect data from individuals under 18. WhatsApp’s minimum age is 16 in the EU and 13 elsewhere.
11. Changes to This Policy
If we update this policy, we will post the new version at this URL and update the “Last Updated” date. We will notify you of material changes via email and a dashboard banner 14 days in advance. Continued use after notice constitutes acceptance.
12. Contact & Grievance Information
Data Controller: BizMitra Solutions
Registered Address: Bangalore, Karnataka, India - 560001
Email: support@bizmitrasolutions.in
Grievance Officer: Adeeb Ahmed T, grievance@bizmitrasolutions.in
Meta/WhatsApp Compliance Contact: meta-compliance@bizmitrasolutions.in