Privacy & Data Protection Policy
How we collect, use, and protect your company information, customer contact details, and message data across our global WhatsApp Business API and cloud SMS routes. Last updated: June 1, 2026.
✦ No credit card required · Free plan available · Setup in 5 minutes
1. Introduction
StartMessaging ("Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (startmessaging.com), pre-funded wallet, OTP SMS APIs, and WhatsApp Business API services (the "Service").
Our platform is operated from India and is subject to Indian law, including the Digital Personal Data Protection Act, 2023 (DPDP Act) and Telecom Regulatory Authority of India (TRAI) regulations.
2. Information We Collect
2.1 Account and Billing Information
When you register, we collect your full name, email address, phone number, company name, GSTIN (optional, for tax invoices), and billing address. Prepaid wallet top-up records and payment transaction details are securely processed by our PCI-DSS compliant partner Razorpay (we do not store your credit card or bank details).
2.2 API Usage and Recipient Data
When you use our APIs, we process recipient phone numbers and message content. This includes transactional codes for our DLT and non-DLT routes and WhatsApp templates. Recipient numbers are processed transiently for message delivery.
2.3 Automatically Collected Data
We collect IP addresses and browser user-agent data for dashboard session security and functional logging. We do not engage in cross-site tracking or sell user data.
3. How We Use Your Information
We use collected data to deliver communication services, manage your prepaid wallet balance, issue tax invoices, provide customer support, detect fraud, and maintain compliance under TRAI's TCCCPR rules and the DPDP Act 2023.
4. Data Retention
We retain transaction invoices, wallet balance changes, and billing details for a minimum of 5 years (under Indian financial and Income Tax regulations). Operational API request logs (recipient phone numbers and delivery reports) are kept for 90 days for debug and billing dispute resolution, after which they are purged. Message contents are retained for up to 30 days.
5. Data Sharing and Disclosure
We share recipient numbers and message content with licensed SMS aggregators and telecom operators for SMS routing, and Meta Platforms, Inc. for WhatsApp delivery. Payments are handled securely via Razorpay. We may disclose data if legally required by Indian law enforcement or regulatory authorities.
6. Data Security
We enforce strict security controls including TLS 1.3 transit encryption, hashed storage of API keys, and restricted database access. No system is completely secure, and we invite security reports to startmessagingdotcom@gmail.com.
7. Your Rights under the DPDP Act 2023
Under the DPDP Act 2023, you have the right to access a summary of your personal data, request correction of inaccurate data, request erasure (subject to legal retention requirements), file grievances, and nominate a representative. To exercise these rights, email us at startmessagingdotcom@gmail.com. We respond to verified requests within 30 days.
8. Contact Us
For privacy queries, contact our Grievance Officer at startmessagingdotcom@gmail.com, phone +91 6376383348, or via WhatsApp at +91 6376383348.