Privacy Policy
Last updated: 26 May 2026 (rev 2) · Aligned with UU PDP 27/2022 (Indonesia) and GDPR data-minimization principles.
The short version
- What we keep: Your account, encrypted WhatsApp session credentials, and message delivery logs (recipient phone + status + timestamps).
- What we don’t keep: Third-party contact lists. WhatsApp’s underlying library auto-caches counterparty names — we purge that cache every hour.
- What we never do: Sell data, share with advertisers, or use message content to train AI models.
- Where it lives: Self-hosted PostgreSQL (Singapore region) and Redis. We operate the database ourselves — no third-party DB hosting provider holds your data.
1. Who is collecting your data
Shiftwa.id is operated by Daysra Tech Inovasi (Indonesia). For the purposes of UU PDP 27/2022 we are the Pengendali Data Pribadi (data controller) for account data you submit and the data your WhatsApp sender accounts generate while paired with our gateway. For GDPR purposes this policy describes processing in our Singapore-region database.
2. Data we collect
Account data
Email address and an Argon2id-hashed password for sign-in, optional Telegram chat ID once you link the operator bot, and your tier + notification preferences. We never store the plaintext password.
WhatsApp session credentials
When you pair a WhatsApp number by scanning the QR code, the underlying Signal-protocol keys are stored in our database so the session can stay online. These credentials are not human-readable and are never shown back to you or any third party. They are deleted when you remove the sender or close your account.
Message delivery logs
For every message you send through the API we record: recipient phone number (the one your code supplied), routing decision (which sender was picked), delivery status, timestamp, and latency. Message bodies are retained briefly for delivery troubleshooting and then dropped on the schedule below.
Operational telemetry
Aggregated daily counts per sender and per status (used for the dashboard charts). API key fingerprints and last-used timestamps. Session connect / disconnect events for alerting.
3. Data we explicitly don’t retain
The WhatsApp multi-device library Shiftwa uses (whatsmeow) automatically caches the display names and JIDs of every counterparty it observes — anyone who sends a message to your paired number, every member of any group your number is in, and everyone reached by the initial history sync after pairing. For an outbound-only gateway like ours that data has no operational purpose and would be third-party personal data without a lawful basis.
A scheduled job truncates the underlying whatsmeow_contacts table every hour, keeping the cache effectively empty. No Shiftwa feature reads from that cache.
We also don’t collect: IP addresses for analytics, browser fingerprints, third-party advertising IDs, or any data about your message recipients beyond what you yourself submit via the API.
4. Why we collect each thing (lawful basis)
- Account data — performance of contract (signing you up and giving you a dashboard).
- WhatsApp session credentials — performance of contract (keeping your sender online so we can deliver the messages you ask us to).
- Message delivery logs — legitimate interest (delivery audit, billing accuracy, operator visibility) plus contract performance.
- Operational telemetry — legitimate interest (capacity planning, abuse detection, incident response).
5. How long we keep things
The retention periods below are our current default. Specific numbers may be adjusted following the final legal review noted above — if they tighten, your existing data is purged on the new schedule.
- Active account data: for the lifetime of your account.
- Closed account: identifying fields are deleted within 30 days. Aggregated, non-identifying counts may persist for operational health.
- Message bodies: 30 days, then dropped from the live log (only metadata is kept).
- Message metadata: 12 months on the live log; daily aggregates kept up to 24 months for the dashboard.
- WhatsApp session credentials: until you remove the sender or it is logged out from the phone side, then purged within 24 hours.
- Telegram link tokens: 1 hour TTL; expired tokens are swept hourly.
- whatsmeow_contacts (third-party PII cache): purged every hour. Effective retention is the cron interval.
6. Who we share it with
We don’t sell your data. We don’t share it with advertisers. We don’t use message content to train AI models. Production data lives on PostgreSQL infrastructure that Shiftwa operates directly — no managed-database vendor holds your records. The third parties that do see slices of your data to operate the service:
- Resend — transactional email (verification, operator alerts) by recipient email only.
- Telegram Bot API — operator alerts to chats you opt into. We only post message status, never the bodies you send through the gateway.
- Meta / WhatsApp — your paired numbers are connected to WhatsApp itself. Their privacy practices govern what they do with delivery metadata on their end.
Our development and staging environments use a managed PostgreSQL provider (Neon) for engineering convenience. By internal policy real customer data never lands there — only synthetic test data generated by the engineering team.
If we add a new sub-processor we will update this list before routing data through it.
7. Your rights
Under UU PDP and GDPR you have the right to access a copy of your data, correct inaccuracies, request deletion, restrict or object to processing, and request portability. Most of these are one click away in your dashboard (settings → close account triggers a full deletion run). For anything else, email hello@shiftwa.id with the email address on your account and we’ll act within 14 days.
8. Security
Passwords are hashed with Argon2id. WhatsApp session credentials and refresh tokens are stored as hashes or library-managed encrypted blobs. All connections to Shiftwa and to our sub-processors are over TLS. Database access is restricted to the backend service identity. Operator alerts are routed through channels you explicitly opt into.
We don’t claim perfect security — no one can — but if we ever detect unauthorized access to your account or data we’ll notify you within 72 hours of discovery, as required by UU PDP.
9. Changes to this policy
If we materially change how we process your data we’ll bump the “Last updated” date at the top and email account holders before the change takes effect. Earlier versions can be requested at the same address used for any other data request.
10. Contact
Privacy questions, data requests, or DPO contact: hello@shiftwa.id. General support lives on the contact page.