Back to Home

Privacy Policy

ContactZap – WhatsApp Contact Exporter

Issued by Synx Automation Private Limited | March 2025
CIN: U62099KL2024PTC087457 | GSTIN: 32ABNCS3504L1Z8
77 Spaces, Kumarapuram, Trivandrum, Kerala – 695011, India

1. Introduction

Synx Automation Private Limited ("Synx", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use ContactZap – WhatsApp Contact Exporter ("the Service").

This Policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and the Digital Personal Data Protection Act, 2023 ("DPDPA"), as applicable.

By using the Service, you ("Data Principal", "you") consent to the practices described in this Policy.

2. Data Controller

The Data Fiduciary (controller) for purposes of this Policy is:

Synx Automation Private Limited
CIN: U62099KL2024PTC087457
Registered Address: 77 Spaces, Kumarapuram, Trivandrum, Kerala – 695011, India
Privacy Contact: privacy@synxautomate.com

3. Meta Platform Notice

Important Notice:

Synx Automation Private Limited is a Meta Solutions Partner. Meta Platforms, Inc. does not endorse, promote, or sponsor ContactZap – WhatsApp Contact Exporter. Data processed through any Meta-connected feature (including WhatsApp Business API) is subject to Meta's own Privacy Policy in addition to this Policy.

4. Data We Collect

3.1 Information You Provide

  • Account details: name, email address, phone number, business name, and billing information.
  • Profile and configuration data: settings, templates, integrations, and preferences.
  • Communications: messages, queries, and support tickets you send to us.
  • WhatsApp profile and contact data extracted through the browser extension, as authorised by you.

3.2 Automatically Collected Information

  • Log data: IP address, browser type, pages accessed, timestamps, and referring URLs.
  • Device information: operating system, device identifiers, and screen resolution.
  • Usage analytics: feature usage patterns, session duration, and error logs.
  • Cookies and similar tracking technologies (see Section 8 on Cookies).

3.3 Sensitive Personal Data

We do not intentionally collect Sensitive Personal Data or Information (SPDI) as defined under the SPDI Rules, such as passwords, financial information, health data, or biometric data, except where strictly necessary for billing purposes, in which case it is processed solely by our PCI-DSS compliant payment partners.

5. How We Use Your Data

We process your data for the following purposes:

  • Service Delivery: To provide, operate, and maintain the Service.
  • Account Management: To manage registrations, authenticate users, and maintain account security.
  • Billing: To process payments, issue invoices, and manage subscriptions.
  • Support: To respond to queries, troubleshoot issues, and improve customer experience.
  • Service Improvement: To analyse usage patterns and develop new features.
  • Legal Compliance: To comply with applicable laws, regulations, and court orders.
  • Communications: To send service announcements, updates, and, with your consent, marketing communications.

6. Legal Basis for Processing

We process your personal data on the following lawful bases under the DPDPA and SPDI Rules:

  • Consent: Where you have provided explicit consent (e.g., marketing communications).
  • Contractual Necessity: To perform our obligations under the subscription agreement.
  • Legitimate Interests: For fraud prevention, security, and product improvement.
  • Legal Obligation: To comply with applicable laws and regulatory requirements.

7. Data Sharing & Disclosure

We do not sell your personal data. We may share data with:

  • Service Providers: Trusted third-party vendors providing hosting, analytics, payment processing, and communications services, under strict data processing agreements.
  • Meta Platforms: Where you use WhatsApp-integrated features, data may be shared with Meta subject to their policies.
  • Legal Authorities: Where required by law, court order, or government directive.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate privacy protections.
  • With your Consent: In other circumstances where you have provided explicit authorisation.

8. Data Retention

We retain your personal data for as long as your account remains active and as necessary to fulfil the purposes described in this Policy. Upon account termination:

  • Active account data is retained for ninety (90) days to facilitate account recovery.
  • Billing records are retained for seven (7) years as required by Indian financial regulations.
  • Anonymised or aggregated data may be retained indefinitely for analytical purposes.
  • You may request deletion of your data by contacting privacy@synxautomate.com.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session authentication and user preferences.
  • Analyse Service usage and performance.
  • Enable third-party analytics (e.g., Google Analytics).

You may control cookie settings through your browser. Disabling essential cookies may impair Service functionality.

10. Your Rights as a Data Principal

Under the DPDPA 2023 and applicable law, you have the following rights:

  • Right to Access: Request a summary of your personal data held by us.
  • Right to Correction: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention obligations.
  • Right to Grievance Redressal: Raise a complaint with our Grievance Officer.
  • Right to Nominate: Nominate another person to exercise your rights in the event of death or incapacity.

To exercise any of these rights, please contact privacy@synxautomate.com. We will respond within thirty (30) days of receipt of a valid request.

11. Grievance Officer

In accordance with the IT Act 2000 and SPDI Rules, we have designated a Grievance Officer:

Grievance Officer, Synx Automation Private Limited
Email: privacy@synxautomate.com
Address: 77 Spaces, Kumarapuram, Trivandrum, Kerala – 695011, India

You may file a grievance within thirty (30) days of any data-related concern. We will acknowledge within forty-eight (48) hours and resolve within thirty (30) days.

12. International Data Transfers

Our servers are primarily located in India. Where data is processed or stored outside India (e.g., through global cloud service providers), we ensure appropriate safeguards are in place, including standard contractual clauses or equivalent mechanisms, in compliance with applicable Indian data protection law.

13. Children's Privacy

The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that a minor has provided personal data, we will delete it promptly. Please contact privacy@synxautomate.com to report such instances.

14. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or prominent in-Service notice at least fourteen (14) days before taking effect. Continued use of the Service following notification constitutes acceptance of the revised Policy.

15. Contact Us

For privacy-related queries:

Synx Automation Private Limited
77 Spaces, Kumarapuram, Trivandrum, Kerala – 695011, India
Email: privacy@synxautomate.com
Website: https://contactzap.synxautomate.com

Last Updated: March 2025 | Synx Automation Private Limited | CIN: U62099KL2024PTC087457