Privacy Policy

For the purposes of this Privacy Policy:

• 'Data Controller' refers to the entity that determines the purposes and means of the processing of Personal Data. For account management and billing data of our direct customers, ufkas acts as the Data Controller.
• 'Data Processor' refers to the entity that processes Personal Data on behalf of the Data Controller. For the message content and end-user data processed through our platform, ufkas acts as the Data Processor on behalf of our Clients (who are the Data Controllers).
• 'Personal Data' means any information relating to an identified or identifiable natural person.

We collect different types of information for various purposes to provide and improve our Service to you.

A. Information You Provide to Us
• Account Data: When you register, we collect your name, email address, phone number, company name, and billing address.
• Payment Data: We use third-party payment processors (Stripe/Iyzico). We do not store your complete credit card details, but we store payment tokens and transaction history.
• Communications: Records of your correspondence with our support team.

B. Information Collected Automatically
• Usage Data: We collect information on how the Service is accessed and used, including your computer's Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, and other diagnostic data.
• Cookies: We use cookies and similar tracking technologies to track activity on our Service and hold certain information.

ufkas uses the collected data for various legitimate business purposes:

• Service Delivery: To provide, operate, and maintain our platform and WhatsApp API connections.
• Billing and Administration: To manage your account, process payments, and send invoices.
• Communication: To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
• Security and Compliance: To monitor the usage of our Service, detect, prevent and address technical issues, and ensure compliance with our Terms of Service.

Legal Basis (GDPR & PDPA): We process your data based on the following legal grounds: (a) Performance of a contract with you, (b) Legitimate interests (such as improving and securing the Service), (c) Compliance with legal obligations, and (d) Your consent where applicable.

We do not sell your Personal Data. We may share your information in the following situations:

• Service Providers: We employ third-party companies and individuals to facilitate our Service ('Subprocessors'), such as cloud hosting providers (AWS), email delivery services, and analytics providers. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
• Meta Platforms, Inc.: As part of WhatsApp Business API integrations, necessary data (such as phone numbers and template messages) is shared with Meta to facilitate message transmission.
• Legal Requirements: We may disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
• Business Transfers: If ufkas is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred.

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.

• Account Data: Retained for the lifetime of your account plus a grace period after cancellation.
• Message Logs: Message content and logs are retained for a limited period (typically 30-90 days) for troubleshooting and reporting purposes, after which they are automatically deleted or anonymized.
• Legal Obligations: We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable tax laws), resolve disputes, and enforce our legal agreements and policies.

ufkas aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Under certain circumstances, you have the following data protection rights:

• The right to access: You have the right to request copies of your Personal Data.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate.
• The right to erasure: You have the right to request that we erase your Personal Data, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your Personal Data.
• The right to data portability: You have the right to be provided with a copy of the information we have on you in a structured, machine-readable format.

Marketing Preferences: You may opt out of receiving marketing communications from us by following the unsubscribe link in any email we send or by contacting us.

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located in the European Economic Area (EEA), please note that your data may be transferred to countries that do not have the same data protection laws as your jurisdiction. We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, including reliance on Standard Contractual Clauses (SCCs) where applicable.

The security of your data is important to us. We implement industry-standard security measures including encryption in transit (TLS) and at rest, access controls, and regular security audits. However, please remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Our Service is not intended for use by anyone under the age of 18 ('Children'). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us.

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any changes by posting the new Privacy Policy on this page and updating the 'Last Modified' date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy, please contact us:

• By email: [email protected]
• By visiting this page on our website: Contact Page