Last updated: April 2026
We collect information you provide directly: business name, email, phone number, and billing details when you register. We also collect usage data including messages sent/received through our platform, contact lists you import, and feature usage analytics. We do not collect or store the content of WhatsApp conversations on our servers beyond what is necessary to display them in your inbox — messages are fetched in real-time from Meta's API.
We use your information to: provide and improve the D2C.EdgifyOS platform; send transactional emails (invoices, password resets); send WhatsApp notifications (morning brief, renewal reminders) to your registered number; provide customer support; comply with legal obligations including GST reporting requirements under Indian tax law.
We do not sell your personal information. We share data only with: Meta Platforms (to deliver WhatsApp/Instagram messages via their API); Razorpay (to process payments); Resend (to send transactional emails); Supabase (our database infrastructure). All processors are bound by data processing agreements. We may disclose information if required by Indian law or court order.
D2C.EdgifyOS is a WhatsApp Business Solution Provider (BSP). By using our platform, you agree to Meta's WhatsApp Business Terms of Service and Acceptable Use Policy. Customer phone numbers and message content are processed in accordance with Meta's data policies. You are responsible for ensuring your use of the WhatsApp Business API complies with applicable laws and Meta's policies, including obtaining necessary consents from your customers.
We retain your account data for the duration of your subscription and for 90 days after account closure. Message logs are retained for 24 months. You can request export of your data at any time from Settings → Data & Export. Upon account deletion, all personal data is purged within 90 days in compliance with the Digital Personal Data Protection (DPDP) Act, 2023.
We implement industry-standard security measures: all data is encrypted in transit (TLS 1.3) and at rest (AES-256); passwords are hashed using bcrypt; API keys and tokens are stored encrypted; access tokens are scoped and rotated regularly; our infrastructure is hosted on Supabase (SOC 2 Type II certified) and Vercel.
Under the Digital Personal Data Protection Act, 2023, you have the right to: access your personal data; correct inaccurate data; erase your data (right to be forgotten); withdraw consent for data processing; nominate a person to act on your behalf. To exercise these rights, contact us at privacy@edgifyos.com.
We use strictly necessary cookies only: a session cookie (wa_session) to keep you logged in, and an admin session cookie (wa_admin_session) for admin access. We do not use tracking, analytics, or advertising cookies.
For privacy-related queries: privacy@edgifyos.com Edgify Multitrade Pvt Ltd, Jabalpur, Madhya Pradesh — 482001 GSTIN: 23AAHCE3269P1Z7