DocsSecurityGdpr

GDPR & Privacy Compliance

Data privacy standards and compliance with global regulations.

We respect user privacy and operate in compliance with the General Data Protection Regulation (GDPR) and the Nigeria Data Protection Regulation (NDPR).


1. Data Processor vs. Data Controller

  • You (The Business) are the Data Controller: You collect your customers' contact information and decide what messages to send them.
  • AutomateIt is the Data Processor: We process and store the messages and contact profiles solely on your instructions and in accordance with our Data Processing Agreement (DPA).

2. Customer Privacy Rights

Under GDPR and NDPR, your customers have rights regarding their data:

  • Right to Access: A customer can request a copy of their contact profile and conversation transcript. You can export their profile data as a JSON or CSV file from the Contacts tab at any time.
  • Right to Erasure (Right to be Forgotten): If a customer requests that their data be deleted, you can click the Delete Contact button in their profile. This action permanently deletes their phone number, metadata, and message logs from our active servers.

3. Data Auditing & Deletion Logs

For regulatory compliance:

  • We maintain audit logs of all user actions (e.g. who exported a contact list, who updated a schema).
  • Logs are retained for 90 days before being purged.
  • We sign standard Data Processing Agreements (DPA) with all Pro, Agency, and Enterprise tier customers.
Was this page helpful?

Ready to put your WhatsApp on Autopilot?

Join 500+ businesses using AutomateIt to drive sales, support customers, and scale operations instantly.

No credit card required to start • Cancel anytime