Legal

Privacy Policy

Last updated: June 1, 2026

This is a template for illustration and should be reviewed and adapted by qualified legal counsel before publication.

Introduction

This Privacy Policy explains how Inno Message ("we", "us") collects, uses, discloses and safeguards personal data when you use our website and platform (the "Service"). We are committed to protecting your privacy and handling data transparently.

Information we collect

We collect information you provide directly — such as your name, work email, company and message when you contact us or create an account. When you use the platform, we process operational data including account activity, audit logs, and the message metadata and content you transmit through connected providers. We also collect limited technical data such as IP address and browser information.

How we use information

  • To provide, operate and secure the Service
  • To process prepaid balances, top-ups and billing records
  • To respond to enquiries and provide support
  • To maintain audit trails and detect or prevent abuse
  • To improve the Service and communicate important updates

Legal bases

Where applicable law (such as the GDPR) requires it, we rely on the following bases: performance of a contract, our legitimate interests in operating and securing the Service, compliance with legal obligations, and consent where you have provided it.

How we share information

We share message content with the communication providers you configure — including WhatsApp/Meta, SendGrid and Twilio — solely to deliver your messages. We may share data with service providers who support our operations under appropriate confidentiality and data-protection obligations, and where required by law. We do not sell personal data.

Data retention

We retain personal data for as long as necessary to provide the Service, comply with legal obligations, resolve disputes and enforce agreements. Audit and billing records may be retained for longer where required for legal or accounting purposes. You can request deletion of contact data as described below.

How we protect data

We apply defence-in-depth controls including bcrypt password hashing, hardened sessions, CSRF protection, PDO prepared statements, output escaping, TLS in transit and multi-layer audit logging. See our security overview for details. No method of transmission or storage is perfectly secure, but we work to protect your data using industry-standard measures.

Your rights

Depending on your location, you may have rights to access, correct, delete or port your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, contact us using the details below. We support data access and deletion controls within the platform to help you meet your own obligations.

Cookies

We use a small number of cookies necessary for authentication and security. For details, see our Cookie Policy.

International transfers

We and our providers may process data in countries other than your own. Where we transfer personal data internationally, we use appropriate safeguards consistent with applicable law.

Children

The Service is intended for businesses and is not directed to children. We do not knowingly collect personal data from children.

Changes to this policy

We may update this Privacy Policy periodically. We will post the updated version with a revised "last updated" date and, where appropriate, provide additional notice.

Contact us

For privacy questions or requests, contact [email protected] or write to Inno Message, 548 Market Street, Suite 320, San Francisco, CA 94104.