← Back to home

Privacy Policy

May 27, 2026

1. Who we are

Wazap is a WhatsApp automation and support platform operated by Oryn Labs LLC. For privacy inquiries, contact us at [email protected].

2. Data we collect

  • Registration data: name, email, phone number, and encrypted password.
  • Company data: business name, tax ID (optional), and domain.
  • Usage data: flows created, contacts managed, messages sent/received via WhatsApp API.
  • Technical data: IP address, user agent, access logs, and error logs for diagnostics.
  • Payment data: processed directly by the payment gateway — we do not store card numbers.

3. How we use your data

  • Provide and improve platform services.
  • Send transactional notifications (account confirmation, password reset).
  • Comply with legal and regulatory obligations.
  • Prevent fraud and ensure platform security.
  • Communicate relevant product updates (with opt-out option).

We do not sell or share your personal data with third parties for advertising purposes.

4. Data sharing

We share data only with:

  • Meta (Facebook/WhatsApp): for WhatsApp Cloud API integration, pursuant to Meta's platform terms.
  • Infrastructure providers: cloud hosting (Railway/AWS), PostgreSQL database, transactional email service (Resend).
  • Competent authorities: when required by law or court order.

5. Data retention

We retain your data while the account is active. After cancellation, data is kept for up to 90 days for support and audit purposes, then permanently deleted — unless otherwise required by law.

6. Your rights (LGPD)

You have the right to:

  • Access the data we hold about you.
  • Correct incomplete or inaccurate data.
  • Request deletion of your personal data.
  • Withdraw consent at any time.
  • Data portability, upon request.

To exercise these rights, email [email protected]. We respond within 15 business days.

7. Cookies and tracking

We use strictly necessary cookies to maintain the authenticated session. We do not use third-party advertising tracking cookies.

8. Security

We employ in-transit (TLS 1.2+) and at-rest encryption, role-based access control, and continuous threat monitoring. No system is 100% secure — in the event of an incident, we will notify affected users as required by LGPD.

9. Changes to this policy

We may update this policy periodically. We will notify you of material changes by email or in-app notice. Continued use after notification constitutes acceptance of the changes.

10. Contact

Questions, complaints, or requests:
[email protected]