Privacy Policy

Effective date: 2026. This Privacy Policy explains how WameUp collects, uses, stores, shares and protects personal data when you visit our website, contact us, become a client, or use services related to websites, applications, SaaS products, CRM integrations, AI automation and WhatsApp Business API.

1. Who We Are

WameUp is based in Almaty, Kazakhstan. For privacy questions, requests, or complaints, contact us at info@wameup.com or WhatsApp +7 705 357 85 55.

2. Our Role

For data submitted through our website, sales channels and direct communications, WameUp acts as the data controller. When we process customer contact lists, CRM records, WhatsApp conversations or automation data on behalf of a client, WameUp acts as a processor or service provider under the client’s instructions. The client remains responsible for having a valid legal basis and required consent to contact end users.

3. Personal Data We Collect

• Contact data: name, email address, phone number, messenger username and preferred communication channel.
• Business data: company name, website, industry, project requirements, CRM details, tax or billing details when needed for documents.
• Communication data: messages sent through forms, email, WhatsApp and other channels, including WhatsApp conversation data required for automation projects.
• Service data: CRM records, customer segments, chatbot flows, templates, opt-in status, campaign settings, support tickets, integration logs and API events processed during project delivery.
• Technical data: IP address, device and browser data, pages viewed, approximate location, referrer, cookies, diagnostics and security logs.
• AI automation data: prompts, intents, knowledge base content, conversation context and outputs needed to configure or operate AI assistants.

4. How We Use Data

• To respond to inquiries, schedule calls, prepare proposals and provide support.
• To deliver website, application, SaaS, CRM, WhatsApp Business API and AI automation services.
• To configure chatbots, message templates, automation flows, analytics and integrations.
• To operate, secure, troubleshoot and improve our website and services.
• To send service-related messages and, where permitted, business communications that you can opt out of.
• To comply with legal, tax, accounting, security and contractual obligations.

5. Legal Bases

Depending on the context and applicable law, we process personal data based on your request, contract performance, legitimate business interests, consent, legal obligations, or the client’s documented instructions when we act as processor. Where consent is required for WhatsApp communications or marketing, the client must collect and maintain that consent before messages are sent.

6. WhatsApp Business API and Meta

To provide WhatsApp automation, chatbot, support and messaging services, personal data may be transferred to or processed by Meta Platforms Inc. and its affiliates for operation of the WhatsApp Business API. This may include phone numbers, profile names, message content, message metadata, delivery status and conversation events. WhatsApp and Meta may process this data according to their own terms and policies. Meta may process data in the US, Ireland, and other countries where Meta operates.

7. Sharing and Service Providers

We do not sell personal data. We may share data only when necessary for the purposes described in this Policy, including with:

• Meta Platforms Inc. and WhatsApp Business API providers.
• Hosting, cloud, database, monitoring, email, analytics and security providers.
• CRM and business software providers such as AmoCRM, Bitrix24, HubSpot and similar platforms selected by the client.
• Payment, accounting, legal and administrative service providers.
• Contractors and technical specialists involved in project delivery under confidentiality obligations.
• Authorities, courts or regulators when disclosure is required by law or needed to protect rights, safety and security.

8. Cookies and Analytics

Our website may use cookies, pixels, local storage and similar technologies to keep the website functional, understand traffic, measure campaign performance, prevent abuse and improve content. You can control cookies through your browser settings. If analytics or advertising tools are added, they will be used according to this Policy and the relevant provider terms.

9. International Transfers

Our providers and clients may be located in different countries. Personal data may therefore be processed outside your country of residence. Where required, we rely on contractual safeguards, data processing agreements, standard contractual clauses or other lawful transfer mechanisms.

10. Security

We apply reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration and disclosure. These measures may include access control, least-privilege permissions, secure authentication, encrypted transport, backups, logging and vendor review. No website, network or system can be guaranteed to be completely secure.

11. Retention

We keep personal data only for as long as necessary for the purposes described in this Policy. Lead and inquiry data is usually kept while communication is active and for a reasonable business follow-up period. Project and contract data is kept during the project and for the period required for legal, tax, accounting and dispute-resolution obligations. Service data processed for clients is deleted or returned according to the client agreement or written instruction, unless the law requires a longer period.

12. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, object to processing, request portability, withdraw consent, opt out of marketing, or lodge a complaint with a data protection authority. We may need to verify your identity before fulfilling a request.

13. Data Deletion

To request deletion of your personal data, email info@wameup.com. We will delete the data or provide a justified response within 72 hours, unless we must keep certain information to comply with legal obligations, resolve disputes, prevent fraud, or enforce agreements.

14. Children

Our website and services are intended for businesses and are not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact us and we will take appropriate steps.

15. Changes to This Policy

We may update this Privacy Policy when our services, providers, legal requirements or business processes change. The current version will always be published on this page.