Skip to main contentSkip to navigation

Privacy Policy

Last updated: April 28, 2026

1. Introduction

Welcome to WatEase ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WhatsApp Business platform and related services.

By using WatEase, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, and business details
  • WhatsApp Business Account Data: WhatsApp Business Account ID, phone number ID, access tokens
  • Payment Information: Billing address and payment method details (processed securely by our payment providers)
  • Communications: Messages, support tickets, and feedback you provide to us

2.2 Automatically Collected Information

  • Usage Data: How you interact with our platform, features used, and actions taken
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, pages viewed, app crashes, and system activity
  • Cookies and Tracking: We use cookies and similar technologies to track activity and improve our services

2.3 WhatsApp Platform Data

  • Message Data: Content and metadata of WhatsApp messages sent and received through our platform
  • Contact Information: Phone numbers and contact details of your customers
  • Media Files: Images, videos, documents, and other files shared through WhatsApp
  • Analytics Data: Message delivery status, read receipts, response times, and engagement metrics

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: To operate and maintain our platform, process transactions, and deliver WhatsApp messaging services
  • Account Management: To create and manage your account, verify your identity, and provide customer support
  • WhatsApp Integration: To connect your WhatsApp Business Account, send and receive messages, and manage message templates
  • Analytics: To analyze usage patterns, measure performance, and improve our services
  • Marketing: To send you promotional materials, newsletters, and service updates (with your consent)
  • Compliance: To comply with legal obligations, enforce our terms, and protect against fraud
  • Communication: To respond to your inquiries, provide technical support, and send important notices

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • Meta/WhatsApp: We share necessary information with Meta to enable WhatsApp Business API integration
  • Service Providers: We work with third-party service providers for hosting, payment processing, analytics, and email delivery
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred
  • Legal Requirements: We may disclose information when required by law, court order, or government request
  • Protection: To protect our rights, property, safety, and that of our users and the public
  • Consent: With your explicit consent for any other purpose

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption of data in transit using TLS/SSL protocols
  • Encryption of sensitive data at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Secure data centers with physical and network security
  • Employee training on data protection and security practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal, tax, and accounting obligations
  • Resolve disputes and enforce our agreements
  • Meet WhatsApp Business Platform data retention requirements

When you close your account we retain your data for 30 days (in case you reactivate), then permanently delete or anonymize it from active systems. Encrypted backups may carry residual data for up to 30 additional days before they are purged on rotation. Statutory exceptions (tax, accounting, dispute records) are kept for the period the law requires and no longer. You can request immediate deletion via our data-deletion page at any time.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (right to be forgotten). See our Data Deletion Instructions for step-by-step guidance
  • Data Portability: Request a copy of your data in a machine-readable format
  • Restriction: Request restriction of processing of your personal information
  • Objection: Object to processing of your personal information for certain purposes
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis
  • Opt-out: Unsubscribe from marketing communications at any time

To exercise these rights, please contact us at support@watease.com. We will respond to your request within 30 days.

8. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on contract performance, legitimate interests, legal obligations, or your consent
  • Data Protection Officer: Contact our DPO at support@watease.com for privacy concerns
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
  • International Transfers: We use standard contractual clauses approved by the European Commission for data transfers outside the EEA

9. DPDPA Compliance (Indian Users)

WatEase is incorporated in India and processes personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA), the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. If you are a Data Principal located in India, you have the following rights:

  • Right to Notice: Receive a clear, plain-language notice describing the personal data we process and the purposes for which it is processed
  • Right to Consent: Provide free, specific, informed, unconditional, and unambiguous consent before we process your personal data, where consent is the basis of processing
  • Right to Access: Obtain a summary of the personal data being processed and the processing activities undertaken
  • Right to Correction and Erasure: Request correction of inaccurate or misleading data, completion of incomplete data, updating of data, and erasure of personal data that is no longer necessary for the purpose for which it was collected
  • Right to Grievance Redressal: Have a readily available means to raise grievances with our Grievance Officer (see Section 16 below)
  • Right to Withdraw Consent: Withdraw consent at any time, with the same ease as it was given. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal
  • Right to Nominate: Nominate another individual who shall, in the event of your death or incapacity, exercise these rights on your behalf
  • Right to Lodge Complaints: Approach the Data Protection Board of India under Section 28 of the DPDPA if your grievance is not resolved by our Grievance Officer within the statutory timeline

We process personal data lawfully, for specified purposes, and in a manner consistent with the principles of purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality. To exercise any of the rights above, contact our Grievance Officer at the address listed in Section 16.

10. CCPA Compliance (California Users)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
  • Authorized Agent: You may designate an authorized agent to make requests on your behalf

To exercise your CCPA rights, email us at support@watease.com. We will verify your identity before processing your request.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for basic platform functionality and security
  • Performance Cookies: Help us understand how visitors interact with our platform
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Collect anonymous usage data to improve our services

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our platform.

12. Children's Privacy

WatEase is a business-to-business commerce platform intended for use by businesses and the individuals authorised to act on their behalf. Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from children. If you believe we have inadvertently collected personal data from a child, please contact our Grievance Officer (Section 16) and we will take steps to delete it promptly. Where required under the DPDPA 2023, we obtain verifiable parental consent before processing the personal data of a child or a person with disability who has a lawful guardian.

13. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by data protection authorities
  • Other legally approved transfer mechanisms

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending you an email notification (for material changes)
  • Displaying a prominent notice on our platform

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General queries: support@watease.com

Privacy / Data Protection Officer: support@watease.com

Grievance Officer (DPDPA / IT Rules): support@watease.com — see Section 16 for details

Address: WatEase Research Labs Private Limited, Tata Ariana, Kalinga Nagar, Bhubaneswar, Odisha, 751029, India

16. Grievance Officer

In accordance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and Rule 5(9) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, WatEase has appointed a Grievance Officer to address questions, concerns, and complaints relating to the processing of your personal data and our compliance with applicable Indian law.

Office: Office of the Grievance Officer, WatEase Research Labs Private Limited

Role: Grievance Officer (DPDPA, 2023) and Data Protection Officer

Email: support@watease.com — please mark the subject line “Grievance — DPDPA” for fastest routing

Postal Address: Office of the Grievance Officer, WatEase Research Labs Private Limited, Tata Ariana, Kalinga Nagar, Bhubaneswar, Odisha, 751029, India

Hours: Monday to Friday, 10:00 to 18:00 IST (excluding public holidays)

Response timelines:

  • Acknowledgement of your grievance within 48 hours of receipt
  • Substantive response and, where appropriate, resolution within 30 days, in line with Rule 5(9) of the IT Rules, 2011
  • If a complaint cannot be resolved within 30 days, we will explain the reason and provide a revised timeline

If your grievance is not satisfactorily resolved by our Grievance Officer, you may approach the Data Protection Board of India under Section 28 of the DPDPA, 2023 for further redressal.

17. WhatsApp Business Platform Privacy

WatEase integrates with Meta's WhatsApp Business Cloud API and complies with the relevant privacy and data protection requirements:

  • We act as a data processor for messages sent through WhatsApp on your behalf
  • Note: WhatsApp Business Cloud API messages are server-mediated by Meta — they are not end-to-end encrypted between you and the customer the way the consumer WhatsApp app is. Treat sensitive content accordingly.
  • We only access message metadata necessary to provide our services
  • We comply with WhatsApp Business Data Processing Terms
  • You remain the data controller for messages sent to your customers

For more information about WhatsApp's privacy practices, please review the WhatsApp Privacy Policy.

17.1 WhatsApp Data Retention

Messages, contacts, and webhook events received through the WhatsApp Business Platform are retained for the duration of your active subscription plus thirty (30) days for account-recovery purposes. After that window, message bodies are permanently deleted from active systems and anonymized in archival logs. Encrypted backups carry residual data for an additional thirty (30) days before rotation. Statutory exceptions (tax records, dispute logs) are kept for the period the law requires and no longer.

17.2 WhatsApp Data Deletion & Deauthorization

You can revoke WatEase's access to your WhatsApp Business Account at any time. The data path is:

  • In-app disconnect: Settings → Integrations → WhatsApp → Disconnect. Tokens are revoked, webhooks unsubscribed, and the account row soft-deleted within seconds.
  • Facebook → Settings → Business Integrations → Remove app: Meta delivers a Deauthorize signed_request to /api/v1/whatsapp/deauthorize-callback. We HMAC-verify it, log an audit event, and disable any WhatsApp accounts owned by your Facebook user_id.
  • Data Deletion Request: Meta delivers a signed_request to /api/v1/whatsapp/deletion-callback. We respond with a confirmation_code + status URL, then asynchronously erase your WhatsApp messages, contacts, templates, automation flows, analytics, webhook events, and anonymize the WhatsApp identifiers on associated customer records. Cross-channel data (email, Instagram, Messenger) is preserved unless you separately request its deletion.
  • Self-service: Visit our Data Deletion page to file a request directly.

All four paths are idempotent — duplicate revocations return the same audit row rather than re-running cleanup. Status URLs returned to Meta are public and rendered as a human-readable confirmation page.

Terms and Conditions →Back to Home →