Privacy Policy

Account Information: When you sign up, we collect your name, email address, and password. If you sign in using Facebook Login, we receive your Facebook user ID, name, and email address based on the permissions you grant.

Organization Data: We collect your business name, industry, and team member information to set up your workspace.

WhatsApp Business Data: When you connect your WhatsApp Business Account through Meta's Embedded Signup, we receive your WhatsApp Business Account ID, phone number ID, and business verification status. We access your WhatsApp message history, contact information, and conversation metadata to provide our messaging and CRM services.

Contact Data: We store information about your WhatsApp contacts, including phone numbers, names, conversation history, tags, and any custom fields you create.

Message Content: We process and store WhatsApp messages (text, images, documents, and other media) sent and received through your connected WhatsApp Business Account to provide inbox, campaign, and automation features.

Usage Data: We collect information about how you use the platform, including pages visited, features used, and actions taken.

Payment Information: Payment details are processed securely by Stripe. We do not store your full credit card number on our servers.

When you integrate with Meta platforms, we specifically collect and process:

• Facebook Login: User ID, name, email address (with your consent via the permissions dialog)
• WhatsApp Business API: Business Account ID, phone number IDs, message templates, conversation data, contact phone numbers, message content and media, delivery/read receipts
• WhatsApp Embedded Signup: Business verification status, selected phone number, business profile information

We use Meta platform data solely to provide TripleTick's services to you. We do not sell Meta platform data to third parties. We do not use Meta platform data for advertising purposes unrelated to our service.

We use the information we collect to:

• Provide, maintain, and improve our WhatsApp sales and marketing platform
• Send and receive WhatsApp messages on your behalf through the WhatsApp Business API
• Manage your contacts, conversations, and CRM data
• Execute marketing campaigns and automated messaging flows
• Authenticate your identity and manage your account
• Process payments and manage your subscription
• Provide customer support
• Send service-related notifications (not marketing)
• Analyze usage patterns to improve our platform
• Comply with legal obligations

We may share your information with:

• Meta Platforms: Message content and contact data are transmitted via the WhatsApp Business API to deliver messages. This is required for the core functionality of the service.
• Supabase: Our database and authentication provider, which stores your data securely with row-level security and encryption.
• Stripe: Our payment processor, which handles billing and subscription data.
• Vercel: Our hosting provider, which processes web requests.
• AI Providers: If you use AI-powered features (message suggestions, auto-replies), anonymized or pseudonymized message data may be sent to AI service providers to generate responses. We do not share personally identifiable contact information with AI providers.

We do not sell your personal data to any third party. We do not share your data with third parties for their own marketing purposes.

Your data is stored securely using Supabase (built on PostgreSQL) with the following protections:

• Encryption at rest and in transit (TLS 1.2+)
• Row-level security (RLS) ensuring organization-based data isolation
• Regular automated backups
• Access controls limiting data access to authorized personnel
• API keys and secrets stored as environment variables, never in source code

We retain your data for as long as your account is active or as needed to provide our services. When you delete your account, we will delete or anonymize your data within 90 days, except where retention is required by law.

You have the right to request deletion of your data at any time. You can:

• Delete individual contacts and conversations from within the TripleTick app
• Request full account deletion by contacting us at privacy@tripletick.ai
• Revoke Facebook/Meta permissions from your Facebook App Settings, which will trigger our data deletion process

For full details, see our Data Deletion Policy.

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate data
• Deletion: Request deletion of your data
• Portability: Request your data in a machine-readable format
• Restriction: Request that we limit processing of your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@tripletick.ai. We will respond within 30 days.

TripleTick operates in compliance with Meta's WhatsApp Business Platform policies:

• We only send messages to contacts who have opted in to receive communications
• We respect the 24-hour messaging window for session messages
• We honor opt-out requests immediately and maintain an opt-out list
• We do not send spam or unsolicited bulk messages
• We provide clear opt-out mechanisms in all marketing messages

We use essential cookies for authentication and session management. We may use analytics tools to understand how our website and platform are used. We do not use third-party advertising cookies or tracking pixels.

TripleTick is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses where required.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of TripleTick after changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@tripletick.ai
• Website: tripletick.ai