Privacy Policy

Last updated: April 13, 2026

Introduction

Engagebot (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://engagebot.io) and use our WhatsApp automation platform (the “Service”).

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service. By accessing and using Engagebot, you acknowledge that you have read, understood, and agree to be bound by all the provisions of this Privacy Policy.

1. Information We Collect

Personal Information You Provide

We collect information you voluntarily provide when you:

  • Create an account (name, email address, company name, phone number)
  • Complete profile information and preferences
  • Configure WhatsApp automations and flows (business names, contact information, message templates)
  • Contact us via email or contact forms
  • Subscribe to newsletters or communications
  • Upload files, documents, or media for automation purposes

WhatsApp Conversation Data

To operate the Service, we collect and process WhatsApp conversations and metadata including:

  • Message content and conversation history
  • Contact phone numbers and names
  • Message timestamps and delivery status
  • Media files (images, documents) shared in conversations
  • WhatsApp contact labels and groups

Automatically Collected Information

When you access our Service, we automatically collect:

  • IP address and geolocation
  • Device type, browser type, and operating system
  • Pages visited and time spent on each page
  • Referral source and click-through data
  • API usage logs and feature interactions
  • Error logs and crash reports

2. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: Providing, maintaining, and improving the WhatsApp automation platform
  • Account Management: Creating accounts, authenticating users, and managing subscriptions
  • Communication: Sending account updates, security alerts, and customer support responses
  • Analytics & Improvement: Analyzing usage patterns to enhance features and user experience
  • Marketing: Sending promotional content, newsletters, and product updates (with your consent)
  • Legal Compliance: Fulfilling legal obligations and enforcing our Terms of Service
  • Fraud Prevention: Detecting and preventing fraudulent activities or unauthorized access

3. Data Security

We implement comprehensive security measures to protect your data:

  • Encryption: All data transmitted via HTTPS/TLS encryption; sensitive data encrypted at rest
  • Access Control: Role-based access controls and multi-factor authentication
  • Security Audits: Regular security assessments and penetration testing
  • Staff Training: Employee training on data protection and privacy practices
  • Incident Response: Documented procedures for responding to data breaches

Important: While we strive to protect your information, no security system is impenetrable. We cannot guarantee absolute security.

4. Third-Party Data Sharing

We do not sell, rent, or trade your personal information. We may share data with:

Service Providers

Third-party vendors who help operate the Service under confidentiality agreements:

  • WhatsApp Business API (Meta)
  • Cloud hosting providers (AWS, Google Cloud)
  • Payment processors (Stripe, RevenueCat)
  • Analytics services (Google Analytics, Mixpanel)
  • Customer support tools (Zendesk, Intercom)

Legal Requirements

We may disclose information when required by law, court order, or government request, or to protect our rights and safety.

Business Transfers

In case of merger, acquisition, or sale of assets, user data may be transferred as part of the transaction.

5. Your Privacy Rights

GDPR Rights (EU Users)

If you are in the EU, you have the following rights under the General Data Protection Regulation:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion of your data
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a portable format
  • Objection: Object to marketing and processing

CCPA Rights (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

  • Know what personal information is collected
  • Delete personal information collected
  • Opt-out of the sale of personal information
  • Non-discrimination for exercising CCPA rights

How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@engagebot.io with your request. We will respond within 30 days. You may also use your account settings to update, delete, or export your information.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies

Required for login, session management, and security. These cannot be disabled.

Analytics Cookies

We use Google Analytics to understand how users interact with our Service. You can opt-out by installing the Google Analytics opt-out browser extension.

Marketing Cookies

Used to track conversions and deliver targeted advertising. You can manage these preferences through your browser settings.

Managing Cookies

Most browsers allow you to control cookies through settings. However, disabling essential cookies may affect Service functionality.

7. Data Retention

We retain your information as follows:

  • Account Data: Retained while your account is active; deleted within 90 days of account closure
  • Conversation History: Retained according to your plan (Free: 30 days, Growth: 90 days, Enterprise: custom)
  • Analytics Data: Aggregated data retained for 24 months
  • Log Data: Server logs retained for 30 days for security purposes
  • Backups: Data may persist in backups for up to 90 days

8. International Data Transfers

Engagebot is based in the United States. Your information may be transferred to, stored in, and processed in the United States or other countries where we or our service providers operate.

For EU users, we use Standard Contractual Clauses (SCCs) and implement appropriate safeguards to ensure adequate protection in accordance with GDPR requirements.

By using Engagebot, you consent to the transfer of your information internationally as described in this Privacy Policy.

9. Contact Us & Data Subject Requests

If you have privacy concerns or wish to exercise your rights, please contact our Data Protection Officer:

Engagebot Privacy Team

Email: privacy@engagebot.io

Email: support@engagebot.io

We will respond to all data subject requests within 30 days in compliance with applicable regulations.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes via email or a prominent notice on our website.

Your continued use of Engagebot after changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly.

This Privacy Policy is effective as of April 13, 2026. Previous versions are available upon request. For the most current version, visit https://engagebot.io/privacy.