Legal

Privacy Policy

Last updated: June 10, 2026

1. Introduction

ARCredit (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you use our WhatsApp payment reminder platform.

By using ARCredit, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Business Owner Information

  • Name, email address, phone number
  • Company name, GST number, and business address
  • WhatsApp Business account credentials (OAuth token only — never your password)
  • Billing information (processed securely via Stripe / Razorpay)

2.2 Customer Data (Uploaded by You)

  • Customer names, phone numbers, and email addresses
  • Invoice details: amounts, due dates, outstanding balances
  • Payment history and extension request records

2.3 Usage Data

  • Reminder delivery status (sent, delivered, read, failed)
  • In-app activity logs for audit and debugging
  • IP address and browser/device metadata for security purposes

3. How We Use Your Information

  • To provide and operate the ARCredit platform
  • To send WhatsApp reminders on behalf of your business
  • To process billing and manage your subscription
  • To detect and prevent fraud, abuse, and security incidents
  • To communicate product updates, security alerts, and support messages
  • To comply with applicable Indian and international laws

We do not sell, rent, or share your customer data with third parties for marketing purposes.

4. Data Security

All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). We implement role-based access controls, audit logging, and regular security reviews. Our infrastructure is hosted on ISO 27001-certified cloud providers.

WhatsApp messages are transmitted through Meta's official Business API. We do not store message content beyond the minimum period required for delivery tracking.

5. Data Retention

We retain your business account data for as long as your account is active. Customer and invoice data is retained per your configured settings (default: 12 months after invoice is marked resolved).

Upon account cancellation, we delete all personal and customer data within 30 days, unless required to retain it for legal or tax compliance.

6. Your Rights (Data Subject Rights)

You have the right to:

  • Access a copy of all data we hold about you
  • Correct inaccurate data
  • Request deletion of your account and all associated data
  • Export your customer data in CSV format at any time
  • Withdraw consent for marketing communications

To exercise any of these rights, email us at privacy@arcredit.in.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. You can disable cookies in your browser, but some features of the platform may not function correctly.

8. Third-Party Services

We use the following trusted third-party services:

  • Meta WhatsApp Business API — message delivery
  • Stripe / Razorpay — payment processing
  • AWS / GCP — cloud infrastructure

Each provider is contractually bound to handle data in compliance with applicable privacy laws.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or an in-app notification at least 14 days before the changes take effect.

10. Contact Us

For privacy questions or data requests, contact our Data Protection Officer at privacy@arcredit.in.