en
en

Privacy Policy

Last Updated: June 11, 2026

Welcome to AnyApp ("Company", "We", "Us", or "Our"). We are committed to protecting and respecting the privacy of our Business Clients and their End-Users. This Privacy Policy explains how we collect, use, store, disclose, and safeguard personal data processed through our WhatsApp Business API integration and related services ("Services").

By accessing or using our Services, you agree to the data practices described in this Privacy Policy.

1. OUR LEGAL ROLE (UU PDP COMPLIANCE)

Under the Indonesian Personal Data Protection Law (UU No. 27/2022) and Meta Business Terms:

  • Data Controller: We act as the Data Controller for the internal business account information collected directly from our Business Clients (such as registration details, billing information, and admin contact details).

  • Data Processor: We act as the Data Processor for all communication content, phone numbers, and chat histories of the end-users. Our Business Clients act as the Data Controllers for their respective end-users' data. We process this data strictly under the instructions of our Business Clients.

2. DATA WE COLLECT AND PROCESS

A. Client Business Account Data (Data Controller Role)

  • Company name, legal entity details, physical business address, business email, phone number, and tax/billing information.

  • Meta Business Manager ID, WhatsApp Business Account (WABA) credentials, and API access tokens.

B. Communication & Chat History Data (Data Processor Role)

  • Message Content: Text, images, documents, audio files, videos, and other media sent or received by End-Users through the API.

  • Metadata: Sender and recipient phone numbers, timestamps, message delivery status (sent, delivered, read), and other interaction logs.

3. DATA STORAGE, RETENTION, AND LOCATION

  • Server Storage: We store chat history on our secure servers to provide features such as centralized inbox dashboards, analytics, and CRM synchronization for our Business Clients.

  • Server Location: All data is processed and hosted in secure data centers located in Jakarta, Indonesia, ensuring compliance with Indonesian local data residency guidelines where applicable.

  • Retention Period: We retain chat history data for as long as the Client's service contract remains active, or for a maximum default period of 60 days from the date of transmission, unless a different duration is explicitly requested in writing by the Business Client or required by Indonesian law.

4. PURPOSES OF DATA PROCESSING

We do not sell or rent personal data to third parties. We process the collected data solely to:

  • Provide, maintain, and optimize the technical performance of our WhatsApp API integration.

  • Furnish Business Clients with access to their message history, reporting dashboards, and chat tools.

  • Process billing transactions and provide technical customer support.

  • Detect, prevent, and mitigate fraudulent, unauthorized, or illegal activities, ensuring compliance with Meta Developer Policies.

5. DATA TRANSFERS AND THIRD PARTIES

To deliver our Services, data may be shared with or routed through:

  • Meta Platforms, Inc. / WhatsApp LLC: As the provider of the core WhatsApp global infrastructure, to transmit messages from our platform to the WhatsApp network.

  • Cloud Infrastructure Providers: Highly secure, third-party hosting partners that maintain strict physical and digital security protocols.

6. DATA SECURITY MEASURES

We implement robust technical and organizational security measures to protect data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption in Transit: All data transmissions between our API, Client Webhooks, and Meta servers are encrypted using HTTPS / TLS 1.3 protocols.

  • Encryption at Rest: Chat histories stored on our databases are encrypted using industry-standard AES-256 encryption.

  • Access Control: Access to database systems is strictly limited to authorized engineering personnel and requires Multi-Factor Authentication (MFA).

7. DATA SUBJECT RIGHTS

In accordance with Indonesia's UU PDP, individuals have the right to access, rectify, restrict processing, or request the deletion of their personal data.

  • Because we act as a Data Processor for End-User chat data, any deletion or access requests from an End-User must be submitted directly to our Business Client (the Data Controller).

  • We will promptly assist our Business Clients in executing data deletion requests from our servers upon receiving their authorized instructions.

8. CHANGES TO THIS PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time to reflect operational, legal, or regulatory changes. We will notify our Business Clients of any material modifications via email or through the Service dashboard.

9. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Data Protection Officer (DPO) at:

  • Company Name: PT. Any App Analytics

  • Email: info@anyapp.id

Contact

Reach out for tailored our Low Code No Code AI SaaS solutions.

Email

Phone

info@anyapp.id

© 2026. All rights reserved.