Privacy Policy.
Version 4.0 | Regulatory Compliance Framework • February 16, 2026
1. Introduction & Scope
This Privacy Policy governs the manner in which Infozy Technologies ("BulkWhatsappInore," "we," "our," or "us") collects, uses, maintains, and discloses information collected from users (each, a "User") of the BulkWhatsappInore platform and API services.
This policy applies to all products and services offered by BulkWhatsappInore. We operate as a Data Processor in relation to your customer data and a Data Controller in relation to your business account information.
"Our commitment to privacy is not just a legal obligation, but a core component of our technical architecture."
2. Legal Definitions
Data Controller
The legal entity that determines the purposes and means of processing personal data.
Data Processor
The entity that processes data on behalf of the controller (BulkWhatsappInore).
Sub-processor
Third-party service providers (like AWS or Meta) used to deliver our service.
PII
Personally Identifiable Information that can identify a specific individual.
3. Information Collection Mechanisms
A. Business Profile Data
We collect business registration numbers, GST/VAT credentials, corporate addresses, and professional contact details to verify your identity as a Meta Business Partner.
B. Communication Metadata
We process transmission logs including phone numbers, IP addresses, message timestamps, and delivery statuses. This metadata is essential for campaign analytics and DLT compliance.
C. Automated Technical Data
System logs, API request headers, error reports, and performance metrics are logged to maintain platform stability and detect fraudulent patterns.
5. Meta & WhatsApp API Specifics
Official Partner Transparency
As an official Meta Business Provider, your data flows through the WhatsApp Cloud API. While messages are encrypted, Meta acting as the infrastructure provider has access to the metadata required to route the message.
Encryption
End-to-end encryption is maintained until the message reaches the API Gateway. We utilize TLS 1.3 for all dashboard interactions.
Compliance
We strictly adhere to Meta's 'Opt-in' policy. We do not support or facilitate unverified scraping or unauthorized broadcasting.
6. Security Architecture
Encryption Standard
All data at rest is encrypted using AES-256 GCM. All data in transit is protected via RSA 4096-bit signatures.
Infrastructure Isolation
Our production environment utilizes Virtual Private Clouds (VPC) with restricted SSH access and automated WAF shielding.
Access Control
We enforce Multi-Factor Authentication (MFA) for all administrative access and utilize Role-Based Access Control (RBAC).
Disaster Recovery
Daily incremental backups are stored in geographically redundant locations with 15-minute RPO targets.
10. Regional Compliance Frameworks
India (DPDP Act)
We fully comply with the Digital Personal Data Protection Act 2023, ensuring that data is processed only for specified purposes with valid consent.
European Union (GDPR)
We provide Standard Contractual Clauses (SCCs) for cross-border data transfers and maintain a detailed Record of Processing Activities (ROPA).
USA (CCPA/CPRA)
California residents have the right to opt-out of the 'sale' of information. Note: BulkWhatsappInore never sells personal data to third parties.
Privacy Concerns?
Our Data Protection Office is dedicated to ensuring your rights are upheld. Reach out for GDPR inquiries, data deletion requests, or security audits.
Legal Correspondence
support@infozysms.com
Technical Security
security@infozysms.com