Privacy Policy — Arround Ai

This Privacy Policy describes how Madquick Digital Agency Pvt Ltd (operating as “Arround Ai”; collectively “we”, “us”) collects, uses, and discloses information when you use our services at arroundai.com and app.arroundai.com. For the purposes of the Digital Personal Data Protection Act, 2023 (DPDP Act), Madquick Digital Agency Pvt Ltd is the Data Fiduciary.

1. Information we collect

Account data: name, email, password (hashed), workspace name.
WhatsApp Business data: with your explicit consent during onboarding, we access your WhatsApp Business Account ID, phone number ID, and a long-lived access token issued by Meta. We use these strictly to send and receive messages on your behalf.
Contact data: phone numbers, names, and any custom attributes you upload to your audience lists. This data is owned by you.
Message data: the content of WhatsApp conversations passing through your inbox, stored to provide chat history and analytics.
Usage data: IP address, browser type, pages viewed, timestamps — standard logs for security and product improvement.

2. How we use it

To operate the WhatsApp inbox, send campaigns, and run automations you configure.
To bill you (via Razorpay) for your subscription.
To send service emails (password resets, billing alerts, security notifications).
To improve the product. We do not sell your data or your customers’ data to third parties.

3. Meta platform compliance

Our use and transfer of information received from Meta APIs (WhatsApp Business Platform) adhere to Meta’s Platform Terms. We will not use the data for advertising or sell it to third parties.

4. Data residency & retention

Customer data is stored on servers we operate. Message and contact data are retained for as long as your account is active. On account deletion, we remove your data within 30 days, excluding records we’re required to keep for tax/legal reasons.

5. Sharing

We share data with: Meta (to operate the WhatsApp Cloud API on your behalf), Razorpay (billing), and our SMTP provider (transactional email). We do not share with anyone else without your consent or a lawful basis.

6. Your rights

You can access, export, correct, or delete your data at any time by writing to [email protected]. We respond within 30 days.

7. Security

Data in transit is encrypted via TLS. Passwords are hashed (bcrypt). Access tokens are stored encrypted at rest.

8. Changes

If we change this policy materially, we’ll email account owners at least 14 days before the change takes effect.

9. Grievance Officer (DPDP Act compliance)

Per the Digital Personal Data Protection Act, 2023 and the Information Technology Rules, you may contact our Grievance Officer for any data-related complaint:

Name: Kuldeep (Founder, Madquick Digital Agency Pvt Ltd)
Email: [email protected]
Response timeline: within 30 days of receipt

10. Contact & legal entity

Madquick Digital Agency Pvt Ltd
General queries: [email protected]

Registered office address: to be published on our company information page.