Privacy Policy

Who We Are
Information We Collect
How We Use Your Information
Legal Bases for Processing (GDPR)
Sharing of Information
Data Retention
Security
Cookies & Tracking Technologies
Your Rights & Choices
Children's Privacy
International Data Transfers
Florida & U.S. State Privacy Rights
Changes to This Policy
Contact & Data Controller

1 Who We Are

WappGO is operated by Blowtec LLC, a limited liability company incorporated under the laws of the State of Florida, United States. We are the data controller for the personal information we collect about you in connection with the WappGO platform.

Data Controller Contact: privacy@blowtec.io

2 Information We Collect

We collect information in the following categories:

Category	Examples	Source
Account Data	Name, email address, company name, phone number, password (hashed)	Provided by you at registration
Authentication Data	OAuth tokens (Google/Microsoft), provider user ID	OAuth provider on sign-in
Usage Data	Pages visited, features used, timestamps, IP address, browser/device type	Automatically collected
Communication Data	WhatsApp messages processed through the platform, contact lists you upload	Provided by you during use
Billing Data	Payment method type, last 4 digits, billing address (full card data processed by payment processor)	Payment processor
Support Data	Messages and files you submit in support requests	Provided by you

We do not store full credit card numbers. Payment card data is handled by PCI-DSS compliant processors (e.g., Stripe, MercadoPago).

3 How We Use Your Information

We use your personal information for the following purposes:

Service Delivery: To create and manage your account, provide platform features, and process transactions.
Authentication: To verify your identity and maintain session security, including via OAuth.
Communication: To send transactional emails (account confirmations, invoices, password resets) and, with your consent, product updates and promotional content.
Support: To respond to your inquiries and resolve technical issues.
Analytics & Improvement: To understand how the Service is used and improve features, performance, and user experience.
Legal Compliance: To comply with applicable laws, regulations, and legal processes.
Fraud Prevention: To detect, investigate, and prevent fraudulent or abusive activity.

4 Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

Contract: Processing necessary to perform our contract with you (providing the Service).
Legitimate Interests: For analytics, security, and fraud prevention, where our interests are not overridden by your rights.
Legal Obligation: Where we are required to process data to comply with applicable law.
Consent: For marketing communications (you may withdraw consent at any time).

5 Sharing of Information

We do not sell your personal information. We may share it with:

Service Providers: Third-party vendors who assist in operating the Service (hosting, payment processing, email delivery, analytics), bound by confidentiality agreements.
OAuth Providers: When you log in via Google or Microsoft, we receive profile data as authorized by you.
Legal Authorities: When required by law, court order, or to protect the rights, property, or safety of Blowtec LLC, our users, or the public.
Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets, with appropriate notice to you.

6 Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account termination:

Account data is retained for 90 days to allow reactivation, then deleted.
Billing records are retained for 7 years to comply with U.S. tax and accounting obligations.
Communication data (message logs) is retained for 30 days after termination, then permanently deleted.
Anonymized, aggregated analytics data may be retained indefinitely.

7 Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

Encryption of data in transit (TLS/HTTPS) and at rest;
Hashed password storage (bcrypt);
Access controls and role-based permissions;
Regular security reviews and vulnerability assessments.

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

8 Cookies & Tracking Technologies

We use the following types of cookies and similar technologies:

Essential Cookies: Required for session management and authentication (e.g., PHP session cookies). Cannot be disabled.
Analytics Cookies: Used to understand how users interact with the Service. May be disabled in your browser settings.
Preference Cookies: Remember your settings and preferences.

You can control cookie settings through your browser. Disabling essential cookies may affect the functionality of the Service.

9 Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal retention obligations.
Portability: Receive your data in a structured, machine-readable format.
Restriction: Request restriction of processing in certain circumstances.
Objection: Object to processing based on legitimate interests.
Withdraw Consent: Withdraw consent for marketing at any time by clicking "unsubscribe" or emailing us.

To exercise any of these rights, contact us at privacy@blowtec.io. We will respond within 30 days.

10 Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18 without parental consent, we will delete that information promptly. If you believe we have inadvertently collected such data, please contact us at privacy@blowtec.io.

11 International Data Transfers

Blowtec LLC is based in the United States. If you access the Service from outside the U.S., your information may be transferred to and processed in the United States, where data protection laws may differ from those in your country.

For transfers of EEA/UK personal data, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission.

12 Florida & U.S. State Privacy Rights

Florida Digital Bill of Rights (FDBR): Florida residents may have rights to access, correct, delete, and opt out of the sale or sharing of their personal data for targeted advertising, under the Florida Digital Bill of Rights (Chapter 501, Part II, Florida Statutes), where applicable.

We do not sell personal data as defined under U.S. state privacy laws.

To submit a privacy request under applicable U.S. state law, please email privacy@blowtec.io with the subject line "State Privacy Request." We will verify your identity and respond within the legally required timeframe.

13 Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will notify you by email or through a prominent notice within the Service at least 14 days before the changes take effect.

The "Last Updated" date at the top of this page indicates when this policy was last revised. We encourage you to review this policy periodically.

14 Contact & Data Controller

For any privacy-related questions, requests, or complaints, please contact our Data Privacy team:

Blowtec LLC — Data Privacy
State of Incorporation: Florida, United States
Privacy Email: privacy@blowtec.io
Legal Email: legal@blowtec.io
Support: support@blowtec.io

If you are located in the EEA or UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.