Data Sharing & Disclosure Policy

Data Sharing & Disclosure Policy

Last updated: 2026-07-16

This data sharing policy applies to the website, products and services offered under the brand WAAPI, operated by WAAPI (“we”, “us”, “our”), acting as the business. By accessing or using our services you agree to this data sharing policy. If you do not agree, please discontinue use of the services.

1. The short version

We do not sell your data. We do not rent it, trade it, or share it for anyone else’s advertising. Data leaves our systems in exactly four situations, set out below — and nowhere else.

2. Sub-processors who help run the service

Delivering a WhatsApp message means sending it to Meta; generating an AI reply means sending the prompt to the AI provider; taking a payment means sending your billing details to the gateway. These are not optional extras — they are the service. Every one is named, with what it receives and why, in our Third-Party Services & Sub-processors register. Each is bound by data-processing terms and may use the data only to perform its service for us.

3. When you tell us to

Connecting a channel, enabling an integration, inviting a team member, exporting a report or calling our API shares data because you instructed it. You control these from your panel and can revoke them there.

4. When the law requires it

We disclose data in response to a valid, legally binding demand from a competent authority. We check that a request is valid on its face, disclose the minimum the request compels, and — unless legally prohibited from doing so — notify you before we disclose, so that you can challenge it.

5. Business transfer

If the business is merged or acquired, data may transfer to the successor, who remains bound by this policy. We will notify you before your data becomes subject to a materially different policy.

6. Aggregated & anonymised data

We may publish aggregate statistics (for example, platform-wide delivery rates). This data is anonymised and cannot be re-identified to you, your business or your contacts.

7. Within the platform tiers

The operator that onboarded you can see your account, plan, billing and usage records — that is how they support and bill you. They cannot read the content of your conversations, contacts or media unless you explicitly grant access (for example by inviting them to your account, or by raising a support request in which you share the content).

Governing law & jurisdiction

This document is governed by the laws of India. For operators in India this includes the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and the Consumer Protection Act, 2019. Where we serve customers in other jurisdictions we honour applicable local requirements, including the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), to the extent they apply. Courts at India have exclusive jurisdiction, subject to any non-waivable consumer rights in your country of residence.

Contact us

WAAPI is operated by WAAPI. For any question about this document, contact us: