Wharm Privacy Policy

Wharm ("we," "our," "us") is an AI-powered Customer Relationship Management (CRM) platform that prioritizes WhatsApp as the primary communication channel for businesses. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website, applications, and services (collectively, the "Services").

By using Wharm, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect the following types of information:

a) Information You Provide

• Account registration details (name, email address, password).
• Organization details (company name, billing information).
• Contact information added to the CRM (customer phone numbers, email addresses).
• Content of messages, including WhatsApp message content and metadata, campaign data, and automation workflows.
• Knowledge-base entries you or your organization upload.

b) Information Collected Automatically

• Log data (IP address, browser type, access times).
• Usage data (features accessed, frequency of interactions).
• Device information (operating system, unique device identifiers).

c) Third-Party Integrations

When you connect third-party services (e.g., WhatsApp via Meta, email providers, OpenAI for AI responses, Supabase for database and authentication), we may collect data required to enable those integrations.

2. How We Use Information

We use collected information to:

• Provide, operate, and maintain the Wharm platform.
• Facilitate communications between you and your customers via WhatsApp, email, or other channels.
• Process and store WhatsApp messages and metadata in order to deliver the WhatsApp Business Platform services.
• Enable AI-powered features such as message summarization, sentiment analysis, and lead scoring.
• Improve service performance, analytics, and user experience.
• Ensure compliance with Meta's WhatsApp Business Platform policies, including respecting user opt-in and opt-out choices.
• Communicate with you about product updates, support, and billing.

3. Sharing of Information

We do not sell user or customer data. We share information only in the following cases:

• With Service Providers: Third-party providers who help us deliver the Services (e.g., Meta/WhatsApp, email services, AI providers, hosting providers).
• With Your Consent: If you authorize integrations or sharing with other apps.
• For Legal Reasons: If required by law, legal process, or to protect rights, safety, or property.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, data may be transferred to the new owner under the same privacy commitments.

4. Data Retention

We retain data only as long as necessary for the purposes set out in this policy, or as required by law.

• Customer conversations and CRM records are retained while your subscription is active.
• You may request deletion of data at any time.

5. Data Security

We implement technical and organizational safeguards to protect data, including:

• Encryption in transit (TLS) and at rest.
• Access controls with role-based permissions.
• Regular audits and monitoring for unauthorized access.

6. User Rights

Depending on your jurisdiction, you may have the right to:

• Access the data we hold about you.
• Correct inaccurate or incomplete data.
• Request deletion of your data.
• Restrict or object to certain processing activities.
• Export your data in a portable format.

WhatsApp user consent: We only send WhatsApp messages to end-users who have provided prior opt-in consent, in line with Meta's WhatsApp Business Platform policies. End-users may opt out at any time by contacting the business directly or replying with "STOP" (or equivalent instructions provided in the message).

Requests can be made by contacting us at: hello@sfera.studio.

7. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect data from minors.

8. International Data Transfers

Wharm operates globally. By using our Services, you consent to the transfer of information outside your country of residence, including to jurisdictions with different data protection laws. We comply with applicable data protection frameworks, including the EU General Data Protection Regulation (GDPR), the Malaysia Personal Data Protection Act (PDPA), and Meta's WhatsApp Business terms.

9. Updates to this Policy

We may update this Privacy Policy from time to time. The revised version will be posted with a new "Last Updated" date. Continued use of our Services means you accept the updated policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at: