Privacy Policy

Last updated: 25 June 2026. This policy explains what information we collect, why we collect it and how we protect it.

1. Information we collect

We collect account information such as name, email address, password hash, plan, billing status and security settings. We may also collect technical data including IP address, browser, operating system, device type, referrer, pages visited and timestamps for security, analytics and abuse prevention.

2. Messaging and automation data

When you connect a messaging number or use the API, we may process session details, recipient identifiers, message direction, message body, media URLs, delivery results, keyword rule matches, webhook payloads and API request logs. This information is used to operate the dashboard, deliver automations, troubleshoot failures and provide audit visibility.

3. Billing data

Payments are processed through a payment gateway. We store payment references, status, amount, currency, plan purchased, billing interval and gateway response metadata. We do not intentionally store full card numbers or sensitive card security codes on our platform.

4. How we use information

We use information to provide the service, authenticate users, verify email addresses, enable two-factor authentication, process plan purchases, send billing notices, prevent duplicate webhook replies, detect abuse, debug API errors, improve platform reliability and comply with applicable legal obligations.

5. Email and notifications

We may send transactional emails such as verification links, password reset links, login security codes, payment confirmations, billing notices, service alerts and support responses. These emails are necessary for account operation and security.

6. Sharing of information

We do not sell client data. We may share necessary data with service providers that help us deliver hosting, email, payment processing, logging, security and messaging functionality. We may also disclose information if required by law, to enforce our terms, or to protect the rights and safety of users and the platform.

7. Security

Passwords are stored as hashes, API keys are stored as hashes where applicable, forms use CSRF protection, and sensitive admin functions are protected by authentication. No internet service is completely risk-free, so users must also secure their own email accounts, passwords, API keys, connected devices and webhook endpoints.

8. Data retention

We retain account, billing and operational records for as long as needed to provide the service, meet tax/accounting requirements, resolve disputes, prevent abuse and maintain security logs. Some logs may be deleted or anonymised over time according to operational needs.

9. Your choices

You may update your profile details, change password, enable or disable email two-factor authentication and manage billing from your dashboard. You may request assistance with account closure or data questions by contacting support.

10. Cookies and sessions

The platform uses session cookies to keep you logged in and protect forms from cross-site request forgery. We may also use simple analytics and visitor logs to understand traffic patterns and detect suspicious activity.

11. International processing

Depending on hosting and third-party providers, data may be processed in different regions. We take reasonable steps to use reputable providers and protect data in line with this policy.

12. Contact

For privacy questions, contact support@trustforce.co.za.