1msg official logo
Start free

Privacy policy

1. Introduction

1MSG Pte. Ltd. ("1MSG", "we", "our", or "us") respects privacy and is committed to protecting personal data.

This Privacy Policy explains how we collect, use, disclose, store, transfer, and protect personal data when you use:

and related services, APIs, and integrations (the "Service").

By using the Service, you acknowledge and agree that your data may be processed in accordance with this Privacy Policy.

2. Company Information

1MSG Pte. Ltd.
68 Circular Road, #02-01
049422 Singapore
Email: [email protected]

3. Scope of This Policy

This Policy applies to:

  • website visitors
  • account holders
  • authorized users
  • developers
  • business customers

The Service is intended solely for business use.

4. Information We Collect

4.1 Account Information

  • email address
  • company information
  • country
  • login credentials
  • subscription details

4.2 Billing Information

  • billing details
  • tax information
  • transaction records

Payment data is processed exclusively by Stripe.

1MSG does not store full card numbers or CVV data.

4.3 Technical Data

  • IP address
  • device and browser data
  • logs
  • usage data
  • session identifiers

4.4 Communication Data

  • support requests
  • correspondence
  • feedback

5. Customer Communications Data

Customers may process through the Service:

  • phone numbers
  • contact data
  • WhatsApp messages
  • attachments
  • media files
  • templates
  • API payloads
  • webhook data
  • communication history

Customer Communications Data remains under the control of the Customer.

1MSG does not claim ownership of such data.

Depending on configuration, message storage may be enabled or disabled.

Where message storage is disabled, 1MSG processes messages only for real-time transmission and delivery purposes and does not retain message content, except where temporary processing, technical logging, backup retention, security, or legal obligations require otherwise.

1MSG does not verify, monitor, or guarantee legality, accuracy, or quality of Customer Data.

6. WhatsApp Business Platform & Meta Compliance

The Service integrates with WhatsApp Business Platform operated by Meta.

Customers acknowledge and agree that:

  • WhatsApp messaging is subject to Meta policies and WhatsApp Business Terms.
  • Meta acts as an independent data controller for certain processing activities.
  • 1MSG has no control over Meta decisions, including:
    • account approval or rejection
    • messaging limits
    • quality rating
    • suspensions or bans
    • enforcement actions

Customers are solely responsible for compliance with:

  • WhatsApp Business Terms
  • Meta policies
  • applicable anti-spam laws
  • marketing and communication regulations

1MSG is not responsible for any restrictions, suspensions, or enforcement actions taken by Meta or WhatsApp.

7. Anti-Spam & Messaging Compliance

Customers agree that they will not use the Service to:

  • send unsolicited or illegal messages
  • use purchased or unauthorized contact lists
  • violate applicable anti-spam laws
  • bypass opt-in requirements
  • engage in deceptive or misleading communications

Customers are solely responsible for obtaining valid consent from message recipients.

8. How We Use Data

We use data to:

  • provide and operate the Service
  • process transactions
  • ensure platform security
  • prevent fraud and abuse
  • improve performance
  • provide support
  • comply with legal obligations

9. Legal Basis (GDPR)

Where applicable:

  • contract performance
  • legitimate interests
  • legal obligations
  • consent

10. Data Controller & Data Processor Roles

1MSG acts as Data Controller for:

  • account data
  • billing data
  • website usage data
  • support communications

1MSG acts as Data Processor for Customer Communications Data.

Customers are solely responsible for:

  • lawful basis of processing
  • consent collection
  • end-user rights handling
  • compliance with applicable laws

Data subject requests must be directed to the Customer as the Data Controller.

11. Subprocessors

1MSG uses third-party subprocessors, including but not limited to:

  • AWS (infrastructure)
  • Hetzner (infrastructure)
  • Timeweb (infrastructure)
  • Heroku (hosting)
  • Cloudflare (security & CDN)
  • Stripe (payments)
  • Meta (WhatsApp Business Platform)
  • Google (analytics)
  • Microsoft (analytics)

Subprocessors may be updated from time to time.

12. International Data Transfers

Data may be processed in:

  • EU
  • USA
  • Singapore
  • other jurisdictions where subprocessors operate

Where required, we use Standard Contractual Clauses (SCCs) or equivalent safeguards.

13. Data Retention

We retain data only as long as necessary.

Retention depends on:

  • account status
  • legal obligations
  • operational requirements

Deleted data may remain in backups for up to 60 days.

Logs may be retained for security and operational purposes.

14. Security

We implement reasonable technical and organizational security measures.

However:

No system is completely secure, and we cannot guarantee absolute protection against all risks.

Customers are responsible for maintaining backups of their data.

15. Data Breach

In case of a security incident, we may:

  • investigate and mitigate impact
  • notify affected parties where required by law

16. Legal Disclosure

We may disclose data if required by:

  • law
  • regulation
  • court order
  • governmental request

17. Subprocessor & Infrastructure Governance

We may update subprocessors from time to time.

Customers are responsible for reviewing updated lists where available.

18. Customer Responsibilities

Customers are solely responsible for:

  • obtaining all required consents
  • ensuring lawful processing of data
  • compliance with applicable laws
  • content of communications
  • recipients of messages
  • legality of data uploaded to the Service

Customers must not use the Service for unlawful, fraudulent, or unauthorized purposes.

19. Support Access

1MSG personnel may access Customer Data only when necessary for:

  • technical support
  • troubleshooting
  • security investigations
  • legal compliance
  • service maintenance and improvement

Access is strictly limited and controlled.

20. Third-Party Responsibility Disclaimer

1MSG is not responsible for:

  • Meta / WhatsApp decisions or enforcement actions
  • third-party service outages
  • changes in third-party policies
  • service disruptions caused by external providers

21. Changes to This Policy

We may update this Policy from time to time.

Continued use of the Service means acceptance of updates.

22. Contact

1MSG Pte. Ltd.
68 Circular Road, #02-01
049422 Singapore
Email: [email protected]