Effective Date: February 14, 2026

1. Introduction Crown Softech Ltd (“we,” “us,” or “our”) operates the WaFlo platform (accessible at waflo.net). We are committed to protecting the privacy of our users (“you” or “Merchant”) and your customers. This Privacy Policy explains how we collect, use, disclosure, and safeguard your information when you use our WhatsApp marketing and automation services (the “Service”).

We comply with the Nigeria Data Protection Regulation (NDPR) and the General Data Protection Regulation (GDPR) to ensure your data is handled securely.

2. Information We Collect To provide our Service, we process the following categories of data:

  • Account Information: When you register, we collect your business name, email address, phone number, and password.
  • WhatsApp Business Data: To facilitate messaging via the WhatsApp Business API, we process:
    • Your WhatsApp Business Phone Number and WABA ID.
    • Message templates and content (encrypted in transit).
    • Customer phone numbers you upload or collect via the Service.
  • Usage Data: We collect technical logs, IP addresses, and browser types to monitor the stability and security of our platform.

3. How We Use Your Information We use your data solely for the following purposes:

  • Service Delivery: To authenticate your account and transmit messages between you and your customers via the Meta (WhatsApp) infrastructure.
  • Billing: To process subscription payments (processed via secure third-party payment gateways).
  • Compliance: To adhere to Meta’s Platform Terms and WhatsApp Business Policies.
  • Improvement: To fix bugs and optimize the performance of the WaFlo dashboard.

4. Data Sharing and Third Parties We do not sell, trade, or rent your personal data to third parties. However, we share data with the following essential infrastructure providers:

  • Meta Platforms, Inc. (WhatsApp): As our core messaging provider, your business phone number and message payloads are processed by Meta in accordance with their Data Security Terms.
  • Cloud Hosting Providers: Our servers (hosted on secure VPS infrastructure) store encrypted application data.
  • Legal Authorities: We may disclose information if required by law or in response to valid requests by public authorities (e.g., a court order).

5. Data Retention We retain your personal data only for as long as necessary to provide our Services.

  • Message Logs: Retained for 30 days for troubleshooting and delivery reporting, then automatically deleted or anonymized.
  • Account Data: Retained as long as your account is active. You may request deletion at any time.

6. Your Rights (NDPR & GDPR) You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Deletion: Request the deletion of your account and associated data (“Right to be Forgotten”).
  • Withdraw Consent: Revoke permissions for us to access your WhatsApp Business Account via your Facebook Business Manager settings.

To exercise these rights, please contact our Data Protection Officer at: admin@waflo.net.

7. Security We implement industry-standard security measures, including SSL encryption (HTTPS) for data in transit and secure database storage for data at rest. However, no method of transmission over the internet is 100% secure.

8. Contact Us If you have questions about this policy, please contact us:

Crown Softech Ltd

SUITE 11, BLOCK E4, AYEGBAJU, INTERNATIONAL MARKET, OSOGBO, OSUN STATE, NIGERIA

Email: admin@waflo.net

Website: https://waflo.net

Scroll to Top