Now liveInstagram, Messenger & official WhatsApp — every channel, one AI agent.See all channels

Privacy Policy

Last updated: June 3, 2026

Waslo ("we", "us", or "our") operates the Waslo platform at waslo.io. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account we collect your name, email address, and password (hashed). If you sign in with Google OAuth we receive your Google profile name, email, and profile image.

Channel Data

Waslo connects to multiple messaging channels — WhatsApp (QR or Cloud API), Telegram, Instagram, Messenger, Email (Gmail), and Outlook. When you connect a channel, we store the encrypted authentication state (OAuth tokens, bot tokens, or session credentials, depending on channel) required to maintain the connection. We process incoming and outgoing messages on connected channels to provide AI responses, lead classification, and conversation history. Message content is stored securely to power conversation features and is associated with your organization. Channel-specific scopes are limited to messaging permissions only — for example, we do not request post or publish permissions on Instagram or Facebook.

Lead Data

We store lead information including phone numbers, names, conversation history, classification status, and any data imported from Google Sheets or CRM integrations.

Usage Data

We automatically collect information about how you interact with the platform, including pages visited, features used, and timestamps.

2. How We Use Your Information

  • Provide, maintain, and improve the Waslo platform
  • Generate AI-powered responses to customer messages on connected channels
  • Classify leads and trigger automated follow-ups
  • Send notifications via Telegram when configured
  • Sync data with Google Sheets and CRM webhooks as configured
  • Process billing and manage your subscription
  • Send service-related communications
  • Detect and prevent fraud or abuse

3. Third-Party Services

We may share limited data with trusted third-party service providers that help us operate the platform. These include services for:

  • AI processing — to generate responses and classify leads
  • Payment processing — to handle subscriptions and billing
  • Cloud hosting — to securely store and serve your data
  • Integrations you enable — such as Google Sheets and Telegram, which only activate when you configure them

Each third-party service has its own privacy policy. We only share the minimum data necessary for them to perform their function.

4. Google API Services — Limited Use

Waslo's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, when you choose to connect Google Calendar, Waslo requests only the calendar.events scope — used to read your availability and to create, update, or cancel appointment events on your behalf. Information obtained from Google Calendar is used solely to provide the in-product scheduling and booking features you enable. We do not:

  • transfer this data to others, except as necessary to provide or improve the booking feature, to comply with applicable law, or as part of a merger or acquisition;
  • use this data for serving advertisements; or
  • allow humans to read this data, unless we have your affirmative agreement for specific items, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data has been aggregated and anonymized.

5. Meta Platform Data

Waslo's use of data received from Meta Platforms (Facebook Messenger and Instagram) complies with the Meta Platform Terms and Developer Policies.

When you connect a Facebook Page or Instagram professional account, Waslo requests only messaging-related permissions — such as receiving and sending messages and reading the basic Page or account profile needed to route conversations. We do not request permission to publish or post content. Information received from Meta — including message content and the page-scoped IDs (PSIDs) of people who message you — is used solely to provide the AI messaging, lead management, and conversation features you enable. We do not sell this data, use it for advertising, or transfer it to third parties except as necessary to provide the service or comply with applicable law.

You can request deletion of your Meta-sourced data at any time through our Data Deletion page or via Meta's data deletion callback.

6. Data Storage and Security

Your data is stored in encrypted databases hosted on secure, enterprise-grade cloud infrastructure. Channel authentication credentials (WhatsApp sessions, OAuth refresh tokens for Gmail/Outlook/Meta, Telegram bot tokens, etc.) are encrypted at rest using industry-standard authenticated encryption. All data is transmitted over HTTPS/TLS. We implement rate limiting, security headers, and token-based authentication to protect access.

7. Data Retention

We retain your account and conversation data for as long as your account is active. If you delete your account, we will delete your personal data and conversation history within 30 days, except where we are required to retain it by law.

8. Data Isolation

Waslo is a multi-tenant platform. Each organization's data is strictly isolated — you can only access data belonging to your own organization. All queries are scoped by organization to prevent cross-tenant data access.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your lead and conversation data
  • Withdraw consent for data processing

To exercise any of these rights, contact us at hello@waslo.io.

10. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies to understand platform usage. You can disable non-essential cookies through your browser settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at: hello@waslo.io