Privacy Policy

This Privacy Policy describes how Acronix ("we", "our", or "us") collects, uses, and discloses personal information when you use our messaging platform and related services (the "Service"), which integrates with the WhatsApp Business Platform provided by Meta Platforms, Inc.

1. Information We Collect

• Account information — name, email, role, organization, password hash.
• WhatsApp contact data — phone numbers, display names, and profile information shared by contacts who message your business.
• Message content — inbound and outbound messages sent through your WhatsApp Business number, including text, media, and interactive payloads.
• Metadata — delivery status (sent, delivered, read, failed), timestamps, template identifiers, and error codes returned by Meta.
• Usage and device data — IP address, browser type, and actions performed in the application, used for security and product improvement.

2. How We Use Your Information

• Operate the Service and route messages to and from WhatsApp.
• Enforce message-template approval status, opt-in state, and regulatory compliance.
• Provide analytics and delivery reporting to the business account owner.
• Detect abuse, prevent fraud, and honor unsubscribe / STOP requests from contacts.
• Meet legal obligations (record keeping, lawful requests from authorities).

3. Consent & Opt-Out

Businesses using Acronix are solely responsible for obtaining prior opt-in consent from recipients before sending marketing or non-transactional messages, in accordance with WhatsApp's Business Messaging Policy.

Recipients may opt out at any time by replying STOP, UNSUBSCRIBE, CANCEL, or QUIT. Our platform automatically records the opt-out and prevents further marketing messages to that number.

4. Data Sharing

We share information with:

• Meta Platforms, Inc. — for the sole purpose of delivering messages via the WhatsApp Business Platform.
• Infrastructure providers (hosting, Redis, PostgreSQL, email) — under data-processing agreements.
• Legal authorities — when required by law.

We do not sell personal information.

5. Data Retention

Message content and delivery metadata are retained for as long as needed to operate the Service and meet legal obligations. Accounts can request deletion by writing to the contact address below; deletion is completed within 30 days unless overridden by a legal hold.

6. Security

We apply industry-standard controls: HTTPS/TLS in transit, hashed passwords, scoped access tokens, role-based access control, audit logging of sensitive actions, and HMAC-verified webhooks from Meta.

7. Your Rights

Subject to applicable law (GDPR, DPDP, CCPA), you may request access, correction, export, or deletion of your personal information. Contact us using the details below.

8. Contact

9. Changes

We may update this policy from time to time. Material changes will be communicated via the Service. The "Last updated" date at the top of this page reflects the most recent revision.