Privacy Policy

Effective Date: January 1, 2025

Last Updated: January 1, 2025

1. Introduction

Lalexi ("we," "our," or "us") is committed to protecting your privacy and the privacy of your customers. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our WhatsApp and Telegram business management platform ("Service").

This policy applies to all users of our Service, including businesses, employees, and end customers whose communications are processed through our platform.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, company information
  • Billing Information: Payment details, billing address (processed securely through third-party payment processors)
  • Profile Information: Profile pictures, display names, and other account customization data

2.2 Communication Data

  • Message Content: Text messages, images, videos, documents, and other media sent through connected WhatsApp and Telegram accounts
  • Conversation Metadata: Timestamps, sender/recipient information, delivery status, read receipts
  • Contact Information: Names and phone numbers of individuals your team communicates with
  • Campaign Data: Bulk messaging campaigns, templates, and distribution lists

2.3 Technical Information

  • Device Information: IP addresses, browser type, operating system, device identifiers
  • Usage Data: Features used, time spent on platform, interaction patterns
  • Log Data: Server logs, error reports, system activity

2.4 Third-Party Platform Data

  • WhatsApp Integration: Account connection data, conversation histories, contact lists
  • Telegram Integration: Account connection data, conversation histories, contact lists

3. Legal Basis for Processing (EU Users)

Under the General Data Protection Regulation (GDPR), we process personal data based on:

  • Consent: When you explicitly agree to data processing for specific purposes
  • Contract Performance: To provide our Service and fulfill our contractual obligations
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Legal Compliance: To comply with applicable laws and regulations

4. How We Use Your Information

4.1 Service Provision

  • Connecting and managing your WhatsApp and Telegram accounts
  • Displaying unified conversation dashboards
  • Enabling bulk messaging campaigns
  • Providing real-time conversation monitoring
  • Preserving conversation histories
  • Facilitating team collaboration and oversight

4.2 Business Operations

  • Processing payments and managing subscriptions
  • Providing customer support
  • Analyzing usage to improve our Service
  • Detecting and preventing fraud or abuse
  • Ensuring platform security and stability

4.3 Communications

  • Sending service updates and notifications
  • Providing technical support
  • Marketing communications (with your consent)
  • Legal notices and policy updates

5. Information Sharing and Disclosure

5.1 We Do Not Sell Personal Data

We do not sell, rent, or trade personal information to third parties.

5.2 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Cloud hosting and data storage
  • Payment processing
  • Customer support tools
  • Analytics and performance monitoring
  • Security and fraud prevention

All service providers are bound by strict confidentiality agreements and data protection requirements.

5.3 Legal Requirements

We may disclose information when required by law or in response to:

  • Valid legal process (subpoenas, court orders)
  • Government investigations
  • Protecting rights, property, or safety
  • Preventing fraud or illegal activities

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the business transaction, subject to continued privacy protection.

6. Data Security

6.1 Security Measures

We implement industry-standard security measures including:

  • End-to-end encryption for data transmission
  • Encrypted data storage
  • Access controls and authentication
  • Regular security audits and monitoring
  • Secure data centers with physical security
  • Employee training on data protection

6.2 Data Breach Response

In the event of a data breach, we will:

  • Investigate and contain the breach immediately
  • Notify affected users within 72 hours (EU users)
  • Cooperate with regulatory authorities
  • Implement additional security measures as needed

7. Data Retention

7.1 Retention Periods

  • Account Data: Retained while your account is active and for 90 days after closure
  • Communication Data: Retained as specified in your service agreement or until deletion requested
  • Billing Records: Retained for 7 years for tax and accounting purposes
  • Support Data: Retained for 3 years after case resolution

7.2 Deletion Procedures

You can request deletion of your data by contacting us at privacy@lalexi.com. We will process deletion requests within 30 days, subject to legal retention requirements.

8. Your Privacy Rights

8.1 All Users

  • Access: Request information about data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Opt-out: Unsubscribe from marketing communications

8.2 EU Users (Additional GDPR Rights)

  • Portability: Request your data in a structured, machine-readable format
  • Restriction: Request limitation of data processing
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for specific processing activities
  • Lodge Complaints: File complaints with your local data protection authority

8.3 California Users (CCPA Rights)

  • Know: Right to know what personal information is collected
  • Delete: Right to delete personal information
  • Opt-out: Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Non-discrimination: Right not to be discriminated against for exercising privacy rights

9. International Data Transfers

9.1 Data Location

Your data may be processed and stored in the United States and other countries where our service providers operate.

9.2 Transfer Safeguards

For EU users, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Other appropriate safeguards as required by GDPR

10. Children's Privacy

Our Service is not intended for children under 16 (or 13 in the US). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will delete it promptly.

11. Third-Party Platforms

11.1 WhatsApp and Telegram

Our Service integrates with WhatsApp and Telegram. These platforms have their own privacy policies and terms of service that govern your use of their services.

11.2 Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites.

12. Cookies and Tracking

12.1 Cookie Usage

We use cookies and similar technologies for:

  • Authentication and security
  • Preferences and settings
  • Analytics and performance monitoring
  • Marketing and advertising (with consent)

12.2 Cookie Control

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect Service functionality.

13. Marketing Communications

13.1 Consent

We will only send marketing communications with your explicit consent.

13.2 Opt-out

You can unsubscribe from marketing emails at any time using the unsubscribe link or by contacting us.

14. Updates to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through:

  • Email notifications to registered users
  • Prominent notices on our website
  • In-app notifications

Continued use of our Service after updates constitutes acceptance of the revised policy.

15. Contact Information

15.1 Privacy Questions

For privacy-related questions or requests, contact us at:

15.2 Data Protection Officer (EU)

If you are located in the EU, you may contact our Data Protection Officer at:

15.3 Response Time

We will respond to privacy requests within:

  • 30 days for general inquiries
  • 72 hours for GDPR-related requests
  • 45 days for CCPA-related requests

16. Regulatory Compliance

We are committed to compliance with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR) - EU
  • California Consumer Privacy Act (CCPA) - California
  • Children's Online Privacy Protection Act (COPPA) - US
  • Other applicable state and federal privacy laws

Last Updated: January 1, 2025

For the most current version of this Privacy Policy, please visit: https://lalexi.com/docs/privacy-policy