Privacy Policy

1. Overview

OfficeAPI is a WhatsApp Business API platform operated by DBDITS Services ("Company", "we", "us"). This Privacy Policy applies to all users of officeapi.in and the OfficeAPI platform.

We are committed to protecting your personal data and complying with applicable privacy laws including India's Digital Personal Data Protection Act (DPDPA) 2023 and relevant international privacy standards.

🔒 We do not sell your personal data to any third party. Your data is used solely to provide and improve our services.

2. What Information We Collect

We collect the following categories of information:

Category	Data Collected	Purpose
Account Data	Name, email, phone number, business name, GST number	Account creation & billing
Usage Data	Messages sent, campaign data, chatbot flows, login times	Service delivery & analytics
Contact Data	Your customer phone numbers & names (imported by you)	To send messages on your behalf
Payment Data	Billing address, payment method (processed securely via payment gateway)	Subscription billing
Technical Data	IP address, browser type, device info, cookies	Security & platform optimization

3. How We Use Your Information

We use the collected information for the following purposes:

To provide, operate, and maintain the OfficeAPI platform
To process your subscription payments and issue invoices
To send messages via WhatsApp API on your behalf
To send you important service updates, billing alerts, and policy changes
To provide customer support and respond to your queries
To monitor platform usage and prevent fraudulent or abusive activity
To improve our platform features based on usage patterns
To comply with legal obligations and law enforcement requests

We will never use your data for advertising or sell it to third-party marketers.

4. Data Sharing & Third Parties

We share your data only in the following limited circumstances:

Meta / WhatsApp: To deliver messages through the WhatsApp Business API. Meta processes message data as per their own Privacy Policy.
Payment Gateways: Your payment information is processed securely through PCI-DSS compliant payment processors. We do not store full card details.
Cloud Infrastructure: We use secure cloud hosting providers to store platform data. These providers are bound by strict data processing agreements.
Legal Authorities: We may disclose data if required by a court order, government authority, or applicable law.

✅ We do NOT share, sell, rent, or trade your personal data or your customers' contact data with any third party for commercial purposes.

5. Data Security

We implement industry-standard security measures to protect your data:

End-to-end SSL/TLS encryption for all data in transit
Encrypted storage for sensitive data at rest
Role-based access control for our internal team
Regular security audits and vulnerability assessments
API key authentication and IP whitelisting options for users

While we take all reasonable steps to protect your data, no system is 100% secure. In the event of a data breach that affects your personal data, we will notify you within the timeframe required by applicable law.

6. Cookies & Tracking

Our website uses cookies and similar technologies to improve your experience:

Essential Cookies: Required for the platform to function (login sessions, security)
Analytics Cookies: Help us understand how users interact with our platform (e.g., Google Analytics)
Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser preferences. Disabling essential cookies may affect platform functionality.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Specific retention periods:

Account Data: Retained for the duration of your subscription + 90 days after account closure
Message Logs: Retained for 90 days from the date of sending
Contact Data: Deleted within 30 days of account termination upon your request
Billing Records: Retained for 7 years as required by Indian tax laws

You may request deletion of your personal data at any time by writing to hello@officeapi.in.

8. Your Rights

As a user, you have the following rights over your personal data:

Right to Access: Request a copy of the personal data we hold about you
Right to Correction: Ask us to correct inaccurate or incomplete data
Right to Deletion: Request deletion of your personal data (subject to legal obligations)
Right to Portability: Receive your data in a structured, machine-readable format
Right to Withdraw Consent: Withdraw consent for data processing at any time
Right to Object: Object to certain types of data processing

To exercise any of these rights, please contact us at hello@officeapi.in. We will respond within 30 days.

9. Children's Privacy

OfficeAPI is a business platform intended for use by adults and registered businesses. We do not knowingly collect personal data from individuals under the age of 18.

If you believe a minor has provided us with personal data, please contact us at hello@officeapi.in and we will promptly delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:

Update the "Last Updated" date at the top of this page
Notify registered users via email at least 7 days before changes take effect
Display a notice on the OfficeAPI platform dashboard

Your continued use of the platform after changes are effective constitutes your acceptance of the revised Privacy Policy.

11. Contact Us

For any privacy-related questions, concerns, or requests, please contact us:

      📧 Email: hello@officeapi.in

      🌐 Website: officeapi.in

      🏢 Company: DBDITS Services

      🕐 Response Time: Within 30 business days for privacy requests

📋 Table of Contents