Privacy Policy

Last updated: 28 November 2025

LoginWA (“we”, “us”, “our”) provides API-based authentication and OTP verification. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.

1. What We Collect

We only collect data necessary to send and verify WhatsApp OTP messages. This may include:

• Phone numbers submitted for OTP delivery
• Metadata about verification attempts (timestamps, status)
• App or project identifiers used for API authentication
• IP address and basic device information (for abuse and fraud prevention)
• Hashed OTP codes (OTP codes expire automatically)

We do not collect message content, chat history, or any personal data not required for OTP authentication.

2. How We Use Data

We use collected data solely to:

• Send and verify OTP codes
• Authenticate users for the app or website that integrates LoginWA
• Prevent fraud, abuse, and spam
• Monitor system performance and reliability
• Improve the accuracy and stability of our OTP delivery service

We do not sell, share, or rent user data for marketing or advertising.

3. Data Sharing

We may share minimal data with third-party service providers only for operational purposes, including:

• WhatsApp message delivery (via WhatsApp Business API or equivalent delivery provider)
• Payment processing (Paddle acts as our Merchant of Record)
• Infrastructure providers (servers, email, logging)

These providers only process data under our instruction and in compliance with applicable privacy regulations.

4. Data Retention

Verification logs and metadata are retained according to the user’s plan level for operational and security purposes. OTP codes are hashed and expire automatically.

You may request deletion of your account data at any time by contacting support. We do not retain data longer than necessary for security, billing, or operational requirements.

5. Data Security

We implement industry-standard security measures to protect user data, including:

• Encryption in transit (HTTPS/TLS)
• Confidential handling of phone numbers
• Secure hashing of OTP codes
• Access controls for internal systems

While we take security seriously, no system can guarantee 100% protection. We continuously update our systems to minimize risks.

6. Your Rights

Depending on your location, you may have the right to:

• Request access to your stored data
• Request deletion of your data
• Request correction of inaccurate information
• Request limitation of data processing

To exercise these rights, contact us using the email below.

7. Children’s Privacy

LoginWA is not intended for users under 13 years old. We do not knowingly collect data from children. If you believe such data has been collected, please contact us for immediate removal.

8. Changes to This Policy

We may update this Privacy Policy occasionally. Updates will be posted on this page with the revised date at the top.

9. Contact

For questions about this Privacy Policy or data requests, contact:
[email protected]