Privacy Policy
How we collect, use and protect your information. Please take a moment to read it.
Last updated: 23 June 2026
Introduction
This Privacy Policy explains how Mankiwave ("Mankiwave", "we", "us", or "our") collects, uses, discloses, and safeguards personal data in connection with our cloud-hosted, multi-tenant software-as-a-service platform for WhatsApp marketing, CRM, AI chatbots, bulk messaging campaigns, bot building, and a shared team inbox / live chat, made available at https://mankiwave.in (the "Service"). It applies to visitors of our website and to registered users and their authorised team members ("Users", "you").
By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. This Policy should be read together with our Terms & Conditions, Cookie Policy, Acceptable Use Policy, and our Data Protection & GDPR notice. The registered legal entity operating the Service is Mankiwave, India.
Independence and Trademark Notice
Mankiwave is an independent software platform. We are not affiliated with, endorsed by, sponsored by, or otherwise associated with Meta Platforms, Inc., WhatsApp LLC, Google LLC, Apple Inc., or any other trademark holder. The marks "WhatsApp", "Meta", "Instagram", and any related names, logos, and marks are the property of their respective owners and are used only for identification and descriptive purposes.
Controller and Processor Roles
Our role in respect of personal data differs depending on the data in question:
- Mankiwave as controller. For data relating to your account, billing, our website, and our own business operations, Mankiwave determines the purposes and means of processing and acts as the data controller (or equivalent under applicable law).
- Mankiwave as processor. For the contacts, message content, and recipient data that you upload, import, sync, or generate through the Service ("User Content"), you are the data controller and Mankiwave acts as a data processor processing such data solely on your documented instructions in order to provide the Service. You are responsible for having a lawful basis and valid consent/opt-in for the data you process through Mankiwave.
Information We Collect
Account and Profile Data
- Name, business/organisation name, email address, phone number, and password (stored in hashed form).
- Team, role, and agent information for users you invite within your workspace.
- Plan selection, quotas (such as number of connected accounts and message allowances), and account preferences.
Billing and Payment Metadata
- We do not store full card numbers or complete payment credentials on our own servers. Payments are processed by third-party payment gateways — Razorpay, Stripe, PayPal, PhonePe, and PayU.
- We retain billing metadata such as plan, amount, currency, transaction/reference identifiers, payment status, invoice records, and the billing contact details needed to maintain your subscription and meet tax/accounting obligations.
Connected WhatsApp Account Data
- Information required to connect and operate your own WhatsApp number(s) through the Service, which may include phone number identifiers, display/profile details, connection status, access tokens or session credentials, business account identifiers, and configuration relating to official WhatsApp Cloud API connections or compatible messaging providers.
Contacts and Message Content (User Content)
- Contact lists, phone numbers, names, attributes, tags, and custom fields that you upload, import, or sync.
- The content of messages, templates, media, attachments, chatbot/flow definitions, live-chat conversations, and related metadata (such as timestamps and delivery/read status) that you send or receive through the Service.
Usage, Log, and Device Data
- Technical and usage information such as IP address, browser type, device and operating-system information, pages and features accessed, actions taken, campaign and delivery logs, error and diagnostic data, and timestamps.
Cookies and Similar Technologies
We use cookies and similar technologies to operate the Service, keep you signed in, remember preferences, and understand usage. For details and your choices, see our Cookie Policy.
How and Why We Use Your Information
- To create, authenticate, and administer your account and workspace, and to provide and maintain the Service.
- To enable core functionality, including connecting your WhatsApp number(s), sending and receiving messages on your instruction, running campaigns and bots, and operating the shared inbox and live chat.
- To process subscriptions, payments, renewals, invoices, and to enforce plan quotas through our payment gateways.
- To provide AI-powered features (such as chatbots and content generation) where you choose to use them.
- To monitor, secure, troubleshoot, and improve the Service, and to prevent fraud, abuse, and violations of our policies.
- To communicate with you about service, security, transactional, and support matters, and — where permitted — about product updates.
- To comply with legal, regulatory, tax, and accounting obligations and to establish, exercise, or defend legal claims.
Mankiwave does not itself send unsolicited marketing messages on your behalf. Messages are sent only as a result of your own configuration, campaigns, and instructions.
Legal Bases for Processing
Where data protection laws such as the EU/UK GDPR apply, we rely on one or more of the following legal bases:
- Contract — to provide the Service you have signed up for and to administer your subscription.
- Legitimate interests — to secure, operate, and improve the Service and to prevent abuse, balanced against your rights.
- Consent — where required, for example for certain cookies or optional communications; consent can be withdrawn at any time.
- Legal obligation — to meet tax, accounting, and other statutory requirements.
For User Content processed on your instruction, you (as controller) are responsible for establishing and documenting the appropriate legal basis and recipient consent/opt-in.
Your Responsibilities for Recipient Data and Consent
You are solely responsible for obtaining valid consent and opt-in from your recipients before messaging them, and for complying with all laws and policies applicable to your messaging activity, including WhatsApp's Business Messaging Policy, Meta's commerce and business policies, the Indian Information Technology Act, 2000 and rules made thereunder, TRAI / DND norms, and any anti-spam and data-protection laws applicable to you (including GDPR and CAN-SPAM, as relevant). Mankiwave does not guarantee message deliverability, nor that your WhatsApp number will not be rate-limited, restricted, or banned by Meta/WhatsApp as a result of your own usage.
Sub-Processors and Third-Party Service Providers
To deliver the Service, we engage trusted third parties that process data on our behalf or in connection with the Service. These categories of sub-processors and providers include:
- Cloud hosting and infrastructure providers that host the Service and store data.
- Payment gateways — Razorpay, Stripe, PayPal, PhonePe, and PayU — which process payments under their own privacy policies.
- Messaging APIs and providers, including Meta/WhatsApp APIs and compatible messaging providers, used to send and receive messages.
- AI providers, such as OpenAI and OpenRouter, used to power AI features where you enable them.
- Email and SMS providers used for transactional notifications and communications.
These providers are permitted to use the data only as necessary to perform their services and are subject to confidentiality and data-protection obligations. Third-party services are governed by their own privacy policies, which we encourage you to review.
International Data Transfers
Mankiwave operates from India, and our providers may store or process data in countries other than your own. Where personal data is transferred internationally, we take steps to ensure an appropriate level of protection consistent with applicable law, which may include standard contractual clauses or equivalent safeguards. By using the Service, you understand that your data may be processed in jurisdictions outside your country of residence.
Data Retention
We retain personal data for as long as your account is active and as needed to provide the Service, and thereafter as required to comply with legal, tax, accounting, and dispute-resolution obligations or to enforce our agreements. User Content is retained while it is stored in your workspace and is deleted or anonymised within a reasonable period after deletion by you or after termination of your account, subject to backup cycles and legal requirements. You may request deletion as described below.
Security
We implement reasonable technical and organisational measures designed to protect personal data, including encryption in transit, access controls, hashed passwords, and segregation of tenant data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for the security practices of your own team members.
Your Rights
Subject to applicable law, you may have the right to access, rectify, erase, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent where processing is based on consent. To exercise these rights in relation to data for which Mankiwave is the controller, contact us at hello@mankiwave.in. Where the request concerns User Content for which one of our customers is the controller, we will refer the request to the relevant customer or act on their instructions. We may need to verify your identity before responding. You also have the right to lodge a complaint with a competent data-protection authority. For more detail on rights under the GDPR, see our Data Protection & GDPR notice.
Children's Privacy
The Service is intended for business use and is not directed to children. It is not intended for individuals under the age of 18, and we do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, please contact us so we can take appropriate action.
Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to affected individuals, we will take reasonable steps to investigate and mitigate the incident and will notify affected Users and, where required, the relevant authorities, within the timeframes and in the manner required by applicable law. Where Mankiwave acts as a processor, we will notify the relevant controller without undue delay.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the version available on this page and, where appropriate, notify you. Your continued use of the Service after the changes take effect constitutes acceptance of the revised Policy.
Contact Us
If you have questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:
- Email: hello@mankiwave.in
- WhatsApp / Phone: +91 70022 08642
- Website: https://mankiwave.in — or visit our Contact Us page.
- Registered address: Mankiwave, India