a Unit of Rockstone United L.L.C

Contact

Data Processing Policy

Effective Date: May 26, 2024

1. Data Controller

Twerlo LLC (“we”, “us”, “our”)
We determine the purposes and means of processing personal data in relation to our conversational automation platform.

2. Categories of Data We Process

2.1 Data Provided by You
  • Contact Information: name, email address, phone number, company name.
  • Account Credentials: username, password (stored in hashed form).
  • Support & Communication Data: messages exchanged, support tickets, chatbot transcripts.
2.2 Data from Meta WhatsApp API
  • Messaging Metadata: timestamps, message status (sent, delivered, read), sender and recipient phone numbers.
  • Webhook Payloads: event notifications, media file URLs (temporarily stored for processing).
2.3 Automatically Collected Data
  • Usage and Analytics: pages visited, feature usage, session duration, device and browser details, IP address.
  • Tracking & Cookies: interaction logs, performance metrics via third-party services such as Google Analytics, Cloudflare, Segment, and similar trackers.

3. Purposes of Processing

We process personal data to:
  1. Provide and maintain our services, including message routing via the Meta WhatsApp API.
  2. Authenticate and manage user accounts.
  3. Deliver and track messages through WhatsApp and voice channels.
  4. Respond to support requests and inquiries.
  5. Analyze platform usage and improve functionality.
  6. Monitor security and detect fraud.
  7. Communicate updates, announcements, and marketing messages (with your consent where required)

4. Security Measures

We implement the following technical and organizational measures to protect personal data:
  • Encryption in Transit: TLS 1.2+ with 256-bit SSL/TLS for all data transfers, including WhatsApp webhook endpoints.
  • Encryption at Rest: 256-bit AES encryption for stored content and backups.
  • Network Protection: Firewalls, intrusion detection systems, and DDoS mitigation.
  • Access Controls: Role-based permissions, secure authentication, and audit logging for employee and processor access.

5. Data Sharing and Third-Party Processors

We may share personal data with the following categories of service providers, acting as processors:
  • Meta Platforms, Inc.: for delivery of WhatsApp messages, media storage, and webhook event handling.
  • Infrastructure & Hosting: Cloud service providers for server hosting and storage.
  • Content Delivery & Security: Services like Cloudflare for traffic optimization and threat protection.
  • Analytics & Tracking: Google Analytics, Mixpanel, and similar analytics platforms for usage analysis.
  • Automation & Integrations: Workflow automation services (e.g., Zapier) to enable data movement between systems.
  • Messaging & Email: Email delivery platforms for notifications and newsletters.
All processors must adhere to our security standards and process data only as instructed.

6. Data Retention

We retain personal data as long as necessary to fulfill the purposes in Section 3, or as required by law. Subsequently, data is securely deleted or anonymized.

7. Data Subject Rights

You may:
  • Access and correct your contact and account information.
  • Request deletion of certain personal data (subject to operational needs and regulatory requirements).
  • Opt out of marketing communications at any time by following unsubscribe links or contacting us.

8. ISV API Access Details

As an Independent Software Vendor (ISV) using our APIs, you will have access to:
  • API Logs: metadata about API requests, response codes, timestamps, and error messages.
  • Webhook Subscriptions: configurations for receiving real-time event data and message status updates.
  • Data Schemas: definitions of payload structures for message sending, templated messages, media uploads, and contact management.
You are responsible for securing your API credentials and ensuring webhook endpoints only accept validated requests.

9. Updates to This Policy

We may update this policy periodically. Changes will be posted with a revised “Effective Date.” Please review this policy regularly.

10. Contact Us

For questions or to exercise your rights, contact:

Twerlo LLC Email: privacy@twerlo.com

Contact Us

We’re always open to collaborations, partnerships, and new ideas. If you believe in building technology that lasts, we’d love to hear from you.

Direct Contact
Instagram Facebook X-twitter Linkedin
© Copyright 2026 Twerlo , All rights reserved