1. What is GDPR?
GDPR stands for General Data Protection Regulation. It is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area. At MazBot, we take your data security serious. This document outlines how we protect your data, our responsibilities as a service provider, and your responsibilities as a user. We rely on the Article 6(1)(b) of the GDPR law: processing is necessary for the performance of a contract to which the data subject is party.
2. Definition of Personal Data
Personal data refers to any information relating to an identified or identifiable natural person. In the context of MazBot, this includes:
Your account details (Name, Email, Phone Number).
WhatsApp Data: The phone numbers you upload, message content, contact names, and interaction logs.
Technical Data: IP addresses, browser type, and login sessions.
At MazBot, we treat all data uploaded by you (The User) as your absolute property. We do not share, sell, or view your contact lists or message contents for commercial purposes without your explicit consent.
3. MazBot's Responsibility (Data Processor)
As the developers and providers of the MazBot service, our responsibility is to ensure the security of the application infrastructure:
Data Security: We ensure that user data (name, email, WhatsApp tokens) and contact lists are stored securely on our servers using standard encryption protocols.
Transparency: Users will be notified about data storage methods (cookies, database entries).
Right to Erasure: We provide tools for users to permanently delete their account and all associated data from our servers.
No Backdoors: We do not maintain hidden access to your WhatsApp conversations or contact lists. Access is only granted when necessary for technical support and maintenance.
4. User’s Responsibility (Data Controller)
As a user of MazBot, you are the "Data Controller" of the contacts you upload and message.
Consent: It is your responsibility to ensure you have the right/consent to message the phone numbers you upload to MazBot.
Account Security: You are responsible for keeping your login credentials and WhatsApp API tokens secure.
Content: You are responsible for the content of the messages you send via MazBot. MazBot is a tool, and we are not liable for abusive or spam content sent by users.
5. Our Action on GDPR (Security Measures)
We implement the following measures to ensure compliance:
Data Minimization: We only collect data necessary for the functionality of WhatsApp automation.
Enforce HTTPS: All connections to MazBot are encrypted via SSL/TLS.
Session Management: Cookies and sessions are managed securely and destroyed upon logout/expiry.
No Commercial Tracking: We do not track your internal activity or message content for advertising purposes.
Data Breach Policy: In the unlikely event of a server breach, we have a clear policy to notify affected users immediately.
6. Your Rights & Features
The Right to be Forgotten (Adios, Data): If you cancel your subscription or delete your account, you have the right to have all your data erased. Once confirmed, this action is irreversible, and your data (including WhatsApp logs and contacts) is wiped from our database.
Data Encryption: Sensitive data (such as passwords and API tokens) are hashed or encrypted in our database. In case of a database leak, this data remains unreadable.
No Hidden Tracking: We do not use "Social Engineering" or behavioral analysis on your private message data to sell you products.
7. Third-Party Data Sharing
MazBot acts as an interface for WhatsApp. To function, data must be transmitted to:
Meta/WhatsApp: Since we use WhatsApp's infrastructure (Cloud API or Gateway), messages and phone numbers must pass through Meta's servers to be delivered. By using MazBot, you acknowledge this necessary data transfer.
We do not share your data with any other third-party advertisers.
8. Is sending bulk messages via MazBot GDPR compliant?
Yes, provided you follow the rules. MazBot is a tool that facilitates communication. To remain GDPR compliant while using our system:
Consent (Opt-in): You should only message contacts who have given you permission (e.g., they messaged you first, or signed up via a form).
Right to Opt-out: You must provide a way for users to unsubscribe. MazBot supports keyword automation (e.g., if a user replies "STOP", the bot can automatically remove them or tag them to stop receiving messages).
Legitimate Interest: You are contacting leads who have expressed interest in your service.
