Legal

Privacy Policy

Last updated: March 2026

1. Who We Are

Msgie (“Msgie”, “we”, “us”, or “our”) is a product operated by Aaditya Technologies, a business based in India.

Registered address:
B/207, Om Shree Nath Kunj, Carter Road No. 2,
Borivali East, Mumbai – 400066, Maharashtra, India

Contact: [email protected]

We provide a WhatsApp Business automation and messaging platform accessible at msgie.com and its associated services.

For the purposes of applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India) and, where applicable, the General Data Protection Regulation (GDPR), Aaditya Technologies acts as a data controller for platform user data and a data processor for customer data uploaded by our users.

2. Information We Collect

We collect information you provide directly to us, as well as data generated through your use of our platform:

  • Account data: Name, Email address, Password (securely hashed), Company name, Billing information (if applicable), and WhatsApp Business Account credentials you connect to the platform.
  • Usage and Technical data: IP address, Browser type, device information, Pages visited, Features used, Timestamps and activity logs, Error and diagnostic logs
  • WhatsApp Message Metadata: We process messaging-related metadata including: Sender and recipient phone numbers, Message timestamps, Delivery and read status, Template names and campaign identifiers.
    We do not store the content of WhatsApp messages (text, images, videos, etc.)
  • Customer Contact Data: Names, Phone numbers, Other contact details that you upload or sync into the platform.
    In this case :- You (user) remain the controller of this data. We act strictly as your data processor.
  • Cookies and tracking: see the Cookies section below.

3. Use of WhatsApp Business Platform

Msgie integrates with the WhatsApp Business Platform provided by Meta Platforms, Inc.

  • Msgie acts as a technology intermediary enabling businesses to communicate with their customers via WhatsApp.
  • Messages are transmitted through WhatsApp infrastructure and may be processed by Meta.
  • We do not control WhatsApp’s infrastructure or data handling practices.
  • We do not access or store message content
  • We do not use WhatsApp data for advertising
  • We process message metadata only to provide delivery, analytics, and automation features

Users of Msgie are solely responsible for:

  • Obtaining valid consent from their customers
  • Complying with WhatsApp Business Policy and applicable laws

End-Customer Data and Consent

When you use Msgie to send messages to your customers via WhatsApp, your customers' personal data (including phone numbers and message-related interactions) is processed through the WhatsApp Business Platform operated by Meta Platforms, Inc.

You, as the business using Msgie, are primarily responsible for:

  • Obtaining valid, informed, and documented opt-in consent from your end customers before sending any WhatsApp messages
  • Ensuring you have a lawful basis for processing personal data under applicable data protection laws
  • Providing your end customers with a clear and accessible privacy notice explaining how their data will be used, including the involvement of Msgie and WhatsApp (Meta Platforms, Inc.)
  • Directing your end customers to WhatsApp’s Privacy Policy where relevant: WhatsApp Privacy Policy
  • Ensuring that your use of the platform complies with WhatsApp Business Policy and all applicable laws and regulations in the jurisdictions where your customers are located

Msgie provides the technical infrastructure to enable messaging and automation services. We do not independently verify whether you have obtained appropriate consent from your end customers.

Any misuse of the platform, including failure to obtain required consent or comply with applicable laws, remains the responsibility of the user (business).

4. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Msgie platform and its features.
  • Authenticate your account and keep it secure.
  • Enable WhatsApp messaging, automation, and campaigns.
  • Provide analytics and reporting.
  • Process your subscription, manage billing, and send invoices.
  • Respond to support requests, questions, and feedback.
  • Send you service-related notices (e.g., downtime alerts, policy updates).
  • Improve platform performance and features
  • Send you optional marketing communications about new features or offers, where you have given consent or we have a legitimate interest to do so.
  • Detect, investigate, and prevent fraudulent transactions, abuse, and other illegal activities.
  • Comply with our legal obligations.

6. Data Sharing

We do not sell, rent, or trade your personal data.

We may share data with:

  • Service Providers
    • Cloud hosting providers (India-based infrastructure) that host our platform and databases, operating under appropriate data processing agreements.
    • Analytics providers (e.g., Google Analytics) to help us understand platform usage in aggregate.
  • WhatsApp / Meta
    • Messaging data is transmitted via Meta Platforms, Inc., which acts as a sub-processor for the purpose of delivering WhatsApp messages. Meta processes this data in accordance with its WhatsApp Business Data Processing Terms. We do not control Meta's infrastructure or its internal data handling practices, and we do not use WhatsApp data for advertising or profiling purposes.
  • Payment Processors
    • For billing and subscription handling (when applicable). We do not store full card details.
  • Legal Authorities
    • When required by law or to protect rights and safety

All third-party processors are contractually bound to handle your data only as instructed by us and in accordance with data protection law.

7. Data Processing Agreement (DPA)

Where Msgie processes personal data on behalf of its users (for example, customer contact data uploaded or synced into the platform), Msgie acts as a data processor, and the user acts as the data controller.

We offer a Data Processing Agreement (DPA) that governs such processing and outlines:

  • The subject matter, nature, and purpose of processing
  • The types of personal data and categories of data subjects
  • The obligations and rights of both parties
  • Security measures implemented to protect personal data
  • The use of sub-processors (including infrastructure providers and messaging partners such as Meta Platforms, Inc.)

The DPA is available upon request. To obtain a copy, please contact us at [email protected]

Where required under applicable data protection laws (including GDPR or similar regulations), users are responsible for entering into a DPA with Msgie prior to or at the time of using the platform to process personal data.

8. Data Retention

We retain your data for as long as your account is active and for a period thereafter as necessary for our legitimate business and legal purposes:

  • Account data: retained while your account is active. After account deletion, data is purged within 30 days, unless we are required by law to retain it longer.
  • Message metadata: retained for operational and analytics purposes
  • Usage and log data: retained for up to 12 months from the date of collection.
  • Billing records: retained for up to 8 years to comply with Indian financial regulations.
  • Contact data you import: deleted within 30 days of your account closure or upon your request.

9. User Responsibilities

Users of Msgie agree to:

  • Obtain proper consent before sending messages
  • Use the platform in compliance with applicable laws
  • Follow WhatsApp Business Policy
  • Avoid spam, harassment, or illegal messaging practices

Msgie is not responsible for misuse of the platform by users.

10. Your Rights

Depending on applicable law, you may have rights to:

  • Right of access: request a copy of the personal data we hold about you.
  • Right to rectification: ask us to correct inaccurate or incomplete data.
  • Right to erasure/deletion: request deletion of your data where there is no compelling reason for us to keep it.
  • Right to data portability: receive your data in a structured, machine-readable format.
  • Right to restriction: ask us to limit processing of your data in certain circumstances.
  • Right to object: object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent: where we process data based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days. We may ask you to verify your identity before fulfilling your request.

11. Cookies

We use cookies and similar tracking technologies on our website and platform:

  • Essential cookies: required for the platform to function (e.g., session authentication). These cannot be disabled.
  • Analytics cookies: help us understand how visitors use the site. These are only set with your consent where required by law.

You can control cookie preferences through your browser settings. For full details, please refer to our Cookie Policy.

12. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include:

  • Encryption of data in transit using HTTPS/TLS.
  • Access controls limiting data access to authorised personnel only.
  • Secure server infrastructure
  • Monitoring and logging systems
  • Regular security reviews and monitoring.

While we take security seriously, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to use a strong, unique password and keep it confidential.

We maintain an internal incident response procedure to detect, assess, contain, and report data security incidents in a timely manner

13. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to individuals’ rights and freedoms, we will take appropriate steps to investigate, contain, and mitigate the breach.

Where required under applicable law, we will notify affected users and relevant authorities without undue delay. Such notification, where applicable, will include:

  • The nature of the breach and categories of data affected
  • The likely consequences of the breach
  • The measures taken or proposed to address and mitigate the breach

Where the breach involves customer data processed on behalf of our users, we will promptly inform the relevant user (data controller) so that they can fulfil their own legal obligations.

We maintain internal procedures for detecting, investigating, and responding to data breaches in accordance with applicable data protection laws, including the Digital Personal Data Protection Act, 2023, and, where applicable, the General Data Protection Regulation (GDPR).

14. International Transfers

Your data is primarily processed within India. However, in order to provide our services, certain data may be processed by third-party service providers located outside India.

These include:

  • Meta Platforms, Inc., which operates the WhatsApp Business Platform infrastructure
  • Analytics providers such as Google Analytics

As a result, data may be transferred to jurisdictions including the United States and other countries where these providers operate.

Where such transfers occur, we take reasonable steps to ensure that appropriate safeguards are in place, including:

  • Entering into data processing agreements with service providers requiring them to protect personal data in accordance with applicable laws
  • Relying on contractual protections and internationally recognized transfer mechanisms, including Standard Contractual Clauses (SCCs) where applicable
  • Ensuring that service providers implement appropriate technical and organizational security measures

For WhatsApp messaging services:

  • Meta Platforms, Inc. acts as an independent service provider (sub-processor) for the transmission of messages
  • Meta may further engage its own affiliates and sub-processors in accordance with its Business Data Processing Terms

We rely on Meta’s contractual commitments and data protection safeguards as described in its official documentation: WhatsApp Business Data Processing Terms

We do not control Meta’s internal data processing operations but ensure that our integration with such services is limited to what is necessary to provide the Msgie platform.

15. Children's Privacy

The Msgie platform is a business tool not directed at children under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate consent, we will delete it promptly. If you believe we have collected such data, please contact us at [email protected].

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify you by email (to the address on your account) or by posting a prominent notice on our website prior to the change taking effect.

Your continued use of the Msgie platform after the effective date of a revised policy constitutes your acceptance of those changes. We recommend reviewing this page periodically.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your data, please contact our privacy team:

Questions about your data?

Our privacy team is here to help. Email us at [email protected] and we'll respond within 30 days.

We use cookies

We use cookies to enhance your browsing experience and analyse site traffic. Read our Cookie Policy for details.