Who we are
ComDove (Stacx24 IT Pvt. Ltd.) (“ComDove”, “we”, “our”) is a company registered in Gautam Buddha Nagar, Uttar Pradesh, India (CIN: U62099UP2024PTC207663; GSTIN: 09ABOCS0885R1Z6). We operate a WhatsApp Business platform for small and medium businesses. This policy explains what personal data we collect, how we use it, and the choices you have.
Data we collect
We collect three categories of data:
- Account data — your name, work email, phone number, company name, GSTIN (if applicable), and billing address.
- Customer data — contacts you upload, messages you send and receive through WhatsApp, and the labels and notes your team attaches to them.
- Usage data — IP address, browser type, pages visited, and feature interactions. Used for security, debugging, and improving the product.
How we use your data
- To deliver the platform — send messages, route replies, and surface analytics.
- To bill you and issue GST-compliant invoices via Razorpay.
- To provide customer support in English and Hindi.
- To detect fraud, abuse, and policy violations.
- To send service announcements. Marketing emails are opt-in.
WhatsApp and Meta
ComDove is built on top of the WhatsApp Business Platform provided by Meta. When you send messages, they are routed through Meta's infrastructure and are subject to Meta's own terms and privacy practices. We do not control how Meta processes messages in transit.
Sharing with third parties
We share data only with vendors needed to run the service:
- Meta (WhatsApp Business Platform) — message delivery.
- Razorpay — payment processing and GST invoicing.
- AWS (Mumbai region) — hosting and data storage.
- Email and analytics providers under data-processing agreements.
Where we store data
Customer data is stored in AWS data centres in the Mumbai region (ap-south-1). Backups are encrypted and retained for 30 days. Some operational metadata may be processed in other regions where our sub-processors operate.
Retention
We keep account data for as long as you have an active subscription, and for up to 24 months after cancellation for tax and audit purposes. You can request earlier deletion of your account at any time — see our Data Deletion policy for the process and timelines.
Your rights
You can, at any time:
- Access the personal data we hold about you.
- Correct inaccurate data through your account settings.
- Export your contacts and message history as a CSV.
- Request deletion of your account and associated data, subject to legal retention requirements.
To exercise any of these rights, email privacy@comdove.com.
Security
We encrypt data in transit (TLS 1.2+) and at rest (AES-256). Access to production systems is restricted, logged, and reviewed quarterly. We run regular vulnerability scans and engage independent penetration testers annually.
Children
ComDove is a business tool and is not directed at children under 18. We do not knowingly collect personal data from children.
Changes to this policy
We may update this policy as the product evolves. Material changes will be notified by email or in-app at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the most recent revision.