1Overview
BizzNexa Marketing Solutions ("BizzNexa", "we", "us", or "our") operates an AI-powered communication automation platform accessible at bizznexa.com. This Privacy Policy describes how we collect, use, store, and protect information about you when you use our website, platform, or services.
By accessing our website or using our services, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.
Business details:
- Company: BizzNexa Marketing Solutions
- Registered address: CS-07, Gyan Khand II, Indirapuram, Ghaziabad, Uttar Pradesh â 201014, India
- Email: hello@bizznexa.com
- Phone/WhatsApp: +91 88003 25800
2Information We Collect
2.1 Information You Provide Directly
When you interact with BizzNexa â whether by filling a demo request form, contacting us, or onboarding as a client â we collect:
- Full name, email address, phone/WhatsApp number
- Company name, job title, business type
- Service interest and automation requirements
- Payment and billing information (processed via secured payment gateways â we do not store card details)
- Any files, content, or data you share with us in the course of service delivery
2.2 Information Collected Automatically
When you visit our website, we automatically collect certain technical information:
- IP address, browser type and version, operating system
- Pages viewed, time spent on pages, referral URLs
- Device type (mobile, tablet, desktop)
- Cookies and similar tracking technologies (see Section 8)
- Google Analytics data (anonymised by default)
2.3 Client and End-User Messaging Data
When you use our WhatsApp, SMS, RCS, or IVR automation services, we may process:
- Phone numbers and message content belonging to your customers (end users)
- Delivery receipts, read receipts, and response data
- Conversation logs for the purpose of automation flow execution
- IVR call recordings (where enabled and consented to by end users)
3How We Use Your Data
We use the information we collect for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Providing and operating our services | Contractual necessity |
| Processing demo requests and enquiries | Legitimate interest / consent |
| Sending service-related communications (onboarding, billing, support) | Contractual necessity |
| Sending marketing communications (newsletters, updates) | Consent (opt-in only) |
| Improving platform features and user experience | Legitimate interest |
| Analytics and performance monitoring | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
| Fraud prevention and platform security | Legitimate interest |
We will never use your data for purposes incompatible with those listed above without first obtaining your explicit consent.
4WhatsApp & Messaging Data
BizzNexa operates as an official Meta Business Solution Provider (BSP). Our use of the WhatsApp Business API is governed by Meta's Business and Platform policies, in addition to this Privacy Policy.
4.1 Our Obligations as a BSP
- We only process WhatsApp messages as instructed by our clients
- We do not use end-user message data for advertising or profiling
- Message content is encrypted in transit and access-controlled at rest
- We adhere to Meta's Messaging Policy including opt-in, opt-out, and template requirements
4.2 SMS and DLT Compliance
All promotional and transactional SMS sent through BizzNexa are compliant with TRAI's Distributed Ledger Technology (DLT) regulations. Client sender IDs and message templates are registered on the DLT platform before deployment. We retain DLT registration records for the minimum period required by TRAI.
4.3 IVR Call Data
IVR call logs are stored for a maximum of 90 days unless a client requests extended retention for compliance purposes. Call recordings (where applicable) are stored with AES-256 encryption and accessible only to the client and BizzNexa support staff with a legitimate need.
5Data Sharing
We may share your information with the following categories of third parties, strictly on a need-to-know basis:
5.1 Service Providers (Sub-processors)
- SandeshTech â our primary WhatsApp Business Solution Provider for API connectivity
- Cloud infrastructure providers â for hosting and data storage (servers located in India or regions with adequate data protection)
- Payment processors â for billing and invoicing (PCI-DSS compliant)
- Analytics tools â Google Analytics (anonymised), and similar platforms for website analytics
- Email and communication tools â for sending transactional and marketing emails (opt-in only)
5.2 Legal Requirements
We may disclose your information if required to do so by law, court order, or government authority â including in response to requests from Indian regulatory bodies (TRAI, MeitY, etc.).
5.3 Business Transfers
In the event of a merger, acquisition, or sale of all or part of our assets, your data may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website at least 30 days before such a transfer takes effect.
6Data Retention
We retain personal data only as long as necessary for the purposes described in this policy, or as required by law:
| Data Type | Retention Period |
|---|---|
| Demo requests and leads | 3 years from last contact |
| Active client account data | Duration of contract + 2 years |
| Billing and invoice records | 7 years (as required by Indian tax law) |
| WhatsApp/SMS message logs | 90 days (default); extendable by client |
| IVR call recordings | 90 days |
| Website analytics data | 26 months (Google Analytics default) |
| Marketing email consent records | Until consent is withdrawn + 1 year |
When data is no longer required, it is securely deleted or anonymised using industry-standard methods.
7Security
We take the security of your data seriously and implement appropriate technical and organisational measures including:
- Encryption in transit: All data transmitted between your browser and our servers uses TLS 1.2 or higher (HTTPS)
- Encryption at rest: Sensitive data is encrypted using AES-256
- Access controls: Role-based access control (RBAC) with principle of least privilege
- Two-factor authentication: Required for all BizzNexa staff accessing client data systems
- Regular security reviews: Periodic vulnerability assessments and code reviews
- Incident response: We maintain a documented data breach response process
8Cookies & Tracking
Our website uses cookies and similar tracking technologies. Here's what we use and why:
| Cookie Type | Purpose | Can be disabled? |
|---|---|---|
| Strictly necessary | Session management, security, basic functionality | No â required for the site to work |
| Analytics (Google Analytics) | Understanding how visitors use the site; improving content | Yes â via browser settings or cookie banner |
| Google Tag Manager | Managing marketing and analytics tags | Yes |
| Marketing/Retargeting | Serving relevant ads on Google and Meta platforms | Yes â requires opt-in consent in India |
You can control cookies through your browser settings. Disabling analytics or marketing cookies will not affect your ability to use the core website, but some features may behave differently.
Our site uses Google Tag Manager (GTM-PG78C3X7) and Google Analytics 4 (G-YNKRBL1ZWH) for traffic analysis. These are configured with IP anonymisation enabled.
9Your Rights
Under India's Digital Personal Data Protection Act, 2023 (DPDPA), you have the following rights with respect to your personal data:
- Right to access â Request a copy of the personal data we hold about you
- Right to correction â Request correction of inaccurate or incomplete data
- Right to erasure â Request deletion of your data (subject to legal retention requirements)
- Right to withdraw consent â Withdraw consent for marketing communications at any time
- Right to grievance redressal â Raise a complaint if you believe your data rights have been violated
- Right to nominate â Nominate another person to exercise your rights in the event of your death or incapacity
To exercise any of these rights, contact us at hello@bizznexa.com with the subject line "Data Rights Request". We will respond within 30 days.
10Children's Privacy
BizzNexa's services are intended for businesses and professionals aged 18 and above. We do not knowingly collect or process personal data from children under the age of 18.
If you believe we have inadvertently collected data from a minor, please contact us immediately at hello@bizznexa.com and we will delete it promptly.
11Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify active clients by email at least 14 days before the changes take effect
- Post a notice on our homepage for significant changes
Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated policy.
12Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please reach out to our team: