Raqi logo
English العربية
Open App

Legal documents

Privacy Policy

How Raqi collects, uses, stores, shares, and protects personal data for managed WhatsApp workflow services.

Effective Date: May 9, 2026 Last Updated: May 9, 2026

This Privacy Policy explains how Raqi, operated by Raqi Technologies FZC LLC (“Raqi”, “we”, “us”, or “our”), collects, uses, stores, shares, and protects personal data when we provide our managed WhatsApp workflow services, related software, integrations, Meta/WhatsApp Business Platform app functionality, websites, support channels, and related services (collectively, the “Services”).

Raqi provides managed WhatsApp workflow operations for businesses. This means we help business customers set up or connect their own WhatsApp Business sender, configure WhatsApp Business Platform access, integrate business systems, submit and manage message templates, send and receive WhatsApp messages, route workflow actions, monitor delivery, troubleshoot failures, and maintain automations.

This Privacy Policy applies to:

  1. Business customers that use Raqi to operate WhatsApp workflows.
  2. Authorized users of our business customers, such as administrators, employees, and operators.
  3. Individuals who receive or send WhatsApp messages through workflows operated by Raqi on behalf of our business customers.
  4. Visitors to our website or people who contact us for sales, support, or business inquiries.
  5. Users who authorize or connect Meta, WhatsApp Business Platform, or related business assets to Raqi.

If you interact with a business that uses Raqi, that business may also have its own privacy policy. In many cases, that business is responsible for deciding why and how your personal data is used, and Raqi processes the data on that business’s behalf.

1. Who We Are

Controller / Business: Raqi Technologies FZC LLC Trading as: Raqi Address: Al Zahia Area - Entrance No. 2 - Ground Floor - Sheikh Mohammed Bin Zayed Rd - Sharjah - United Arab Emirates Email: legal@raqi.com Website: https://raqi.com

Privacy Contact: For privacy questions, data requests, or deletion requests, contact us at:

legal@raqi.com

2. Our Role

Raqi may act in different roles depending on the situation.

2.1 When We Act as a Service Provider / Processor

When Raqi operates WhatsApp workflows for a business customer, the business customer usually determines:

  • Which people should receive messages.
  • What message content should be sent.
  • Which business events trigger messages.
  • Which systems are connected to the workflow.
  • The lawful basis, consent, opt-in, or other permission used to contact recipients.

In those cases, Raqi processes personal data on behalf of the business customer to provide the Services.

2.2 When We Act as a Controller

Raqi acts as a controller for personal data we use for our own business purposes, such as:

  • Managing our customer relationships.
  • Responding to sales or support inquiries.
  • Managing accounts, billing, contracts, and security.
  • Operating our website.
  • Improving, securing, and administering our Services.
  • Complying with legal obligations.

3. Data We Collect

We collect only the data reasonably necessary to provide, secure, support, and improve the Services.

3.1 Business Customer Data

We may collect data about our business customers and their authorized users, including:

  • Name.
  • Job title.
  • Business email address.
  • Business phone number.
  • Company name.
  • Company address.
  • Billing and contract information.
  • Support communications.
  • Login, account, and authorization details.
  • Role, permission, and access settings.
  • Business verification and onboarding information.
  • WhatsApp Business Account information.
  • Meta Business Portfolio information.
  • WhatsApp sender phone numbers.
  • Message template information.
  • Business profile information.
  • Technical configuration details.

3.2 WhatsApp Business Platform and Meta App Data

When a business customer authorizes Raqi through Meta, WhatsApp Business Platform, Embedded Signup, Business Manager, or related Meta tools, we may access data that the business customer permits us to access, including:

  • WhatsApp Business Account IDs.
  • Business Portfolio IDs.
  • WhatsApp phone number IDs.
  • Sender phone numbers and display names.
  • Business profile information.
  • Message templates and template status.
  • Template categories and language settings.
  • Message quality, status, and delivery information.
  • Webhook events.
  • API configuration data.
  • Access tokens, authorization tokens, and technical credentials.
  • Messaging permission data necessary to send and manage WhatsApp messages.
  • Business asset information necessary to provide the Services.

Raqi uses this data only to provide, operate, secure, and support the Services requested by the business customer.

3.3 WhatsApp Message and Recipient Data

When Raqi operates a WhatsApp workflow for a business customer, we may process data relating to message recipients, including:

  • Mobile phone number.
  • WhatsApp ID or other messaging identifier.
  • WhatsApp profile name, if provided by WhatsApp.
  • Message content.
  • Message templates and template variables.
  • Message timestamps.
  • Message delivery, read, failed, and status events.
  • Replies and inbound messages.
  • Opt-in, opt-out, unsubscribe, block, or consent status where available.
  • Workflow event data, such as order status, invoice status, appointment status, delivery status, support request status, form submission status, or approval status.
  • Links, shortlinks, button clicks, and workflow actions.
  • Support conversation history where applicable.

3.4 Customer System and Integration Data

If a business customer connects Raqi to a CRM, ERP, e-commerce system, delivery system, accounting system, form tool, helpdesk, spreadsheet, database, or other business system, we may process data from those systems as needed to run the configured workflow.

This may include:

  • Customer names.
  • Phone numbers.
  • Email addresses.
  • Order numbers.
  • Invoice numbers.
  • Booking details.
  • Delivery details.
  • Payment status.
  • Ticket or case details.
  • Appointment details.
  • Form responses.
  • Internal reference numbers.
  • Workflow status and logs.

Business customers are responsible for ensuring that any connected system data they provide to Raqi is lawful, accurate, relevant, and appropriate for the workflow.

3.5 Website, Device, and Technical Data

When you visit our website, use our Services, or interact with our systems, we may collect:

  • IP address.
  • Browser type.
  • Device type.
  • Operating system.
  • Referring pages.
  • Pages viewed.
  • Date and time of access.
  • Log data.
  • Error logs.
  • Authentication events.
  • Security events.
  • Cookie or similar technology data, where applicable.

3.6 Communications Data

When you contact us, we may collect:

  • Name.
  • Contact details.
  • Company details.
  • Message content.
  • Attachments.
  • Support tickets.
  • Call, email, or chat records.
  • Feedback and survey responses.

4. How We Collect Data

We collect data from:

  • You directly.
  • Our business customers.
  • Authorized users of our business customers.
  • Meta and WhatsApp Business Platform APIs.
  • WhatsApp webhook events.
  • Connected business systems and integrations.
  • Forms, support requests, emails, calls, and chats.
  • Our website and technical systems.
  • Service providers that help us operate the Services.

5. How We Use Data

We use personal data for the following purposes:

5.1 To Provide the Services

We use data to:

  • Set up or connect a business customer’s WhatsApp Business sender.
  • Configure WhatsApp Business Platform access.
  • Submit, manage, and monitor message templates.
  • Send WhatsApp messages on behalf of business customers.
  • Receive inbound WhatsApp messages.
  • Route replies, buttons, forms, links, and workflow actions.
  • Connect business systems to WhatsApp workflows.
  • Trigger messages based on business events.
  • Monitor message delivery and failure status.
  • Troubleshoot errors.
  • Provide workflow logs and operational reporting.
  • Maintain workflow reliability.
  • Provide support and account management.

5.2 To Manage Meta and WhatsApp Business Platform Permissions

We use Meta and WhatsApp Business Platform permissions only for the purposes authorized by the business customer, including:

  • Managing WhatsApp Business Accounts.
  • Managing sender phone numbers.
  • Managing message templates.
  • Sending and receiving WhatsApp messages.
  • Receiving message status events.
  • Configuring webhooks.
  • Supporting customer onboarding.
  • Maintaining workflow operations.
  • Troubleshooting and support.

We do not use Meta or WhatsApp data for unrelated advertising, profiling, resale, or unauthorized purposes.

5.3 To Communicate With Customers and Users

We use data to:

  • Respond to inquiries.
  • Provide support.
  • Send service updates.
  • Send administrative notices.
  • Manage customer relationships.
  • Share billing or contract information.
  • Notify customers of workflow, security, or service issues.

5.4 To Improve and Secure the Services

We use data to:

  • Monitor performance.
  • Detect and prevent abuse, spam, fraud, unauthorized access, and security incidents.
  • Debug and improve workflows.
  • Maintain service reliability.
  • Improve onboarding, templates, integrations, and support processes.
  • Generate aggregated or anonymized analytics.

5.5 To Comply With Law and Platform Requirements

We use data to:

  • Comply with applicable laws and regulations.
  • Comply with Meta and WhatsApp Business Platform requirements.
  • Respond to lawful requests.
  • Enforce contracts and policies.
  • Maintain required records.
  • Protect the rights, safety, and security of Raqi, our customers, WhatsApp users, and others.

Business customers are responsible for ensuring that they have all required notices, permissions, consents, opt-ins, or other lawful bases before using Raqi to contact individuals on WhatsApp.

Business customers must not use Raqi to send unlawful, misleading, unexpected, abusive, or unauthorized messages.

Where Raqi provides opt-out handling as part of a workflow, we will process opt-out requests according to the workflow configuration. This may include recording unsubscribe status, suppressing future messages, notifying the business customer, or routing the request to the business customer.

Individuals may also stop receiving messages by:

  • Replying with an opt-out keyword if the workflow supports it, such as STOP, UNSUBSCRIBE, or an equivalent instruction.
  • Contacting the business that sent the message.
  • Blocking or reporting the business in WhatsApp.
  • Contacting Raqi at legal@raqi.com if the message was sent through a workflow operated by Raqi.

7. Data We Do Not Sell

Raqi does not sell personal data.

Raqi does not sell WhatsApp message content, recipient phone numbers, customer lists, Meta platform data, or workflow data.

Raqi does not use WhatsApp message content for third-party advertising.

Raqi does not share WhatsApp recipient data with unrelated third parties for their own marketing purposes.

8. Sensitive Data

Unless expressly agreed in writing and legally permitted, business customers must not use Raqi to send, request, collect, or process highly sensitive personal data through WhatsApp workflows, including:

  • Full payment card numbers.
  • Full bank account numbers.
  • National ID numbers or passport numbers.
  • Health or medical information.
  • Biometric data.
  • Passwords or authentication secrets.
  • Highly confidential personal records.
  • Data about children.
  • Any data that applicable law or platform policy prohibits or restricts.

If a workflow requires sensitive or regulated data, the business customer must notify Raqi in advance so that appropriate legal, security, and operational controls can be assessed.

Depending on the context and applicable law, we process personal data based on one or more of the following legal bases:

  • Performance of a contract.
  • Steps taken before entering into a contract.
  • Consent.
  • Compliance with legal obligations.
  • Legitimate business interests, such as providing, securing, improving, and supporting the Services.
  • The lawful instructions of a business customer when we act as a processor or service provider.
  • Other lawful bases permitted by applicable data protection laws.

When a business customer uses Raqi to message individuals, the business customer is responsible for determining and documenting the lawful basis for sending those messages and for providing required notices and consent mechanisms.

10. How We Share Data

We share personal data only as needed to provide, secure, support, or improve the Services, or as required by law.

10.1 Business Customers

If you are a message recipient or end user, we may share your data with the business customer that configured or requested the workflow.

10.2 Meta and WhatsApp

We share data with Meta, WhatsApp, and related platform services as necessary to send, receive, manage, and monitor WhatsApp Business Platform messages and related business assets.

10.3 Service Providers

We may share data with trusted service providers that help us operate the Services, such as:

  • Cloud hosting providers.
  • Database and infrastructure providers.
  • Security and monitoring providers.
  • Email and communication providers.
  • Customer support tools.
  • Analytics and logging providers.
  • Billing and payment providers.
  • Professional advisers.
  • Integration and automation providers.

These providers are authorized to process data only as needed to provide services to Raqi and are expected to protect personal data appropriately.

10.4 Connected Business Systems

When a business customer connects a third-party system to Raqi, we may send data to or receive data from that system as necessary to operate the workflow.

We may disclose data if we reasonably believe disclosure is necessary to:

  • Comply with law.
  • Respond to lawful requests.
  • Enforce agreements.
  • Protect security.
  • Prevent fraud, spam, abuse, or unauthorized access.
  • Protect the rights, property, or safety of Raqi, our customers, users, or others.

10.6 Business Transfers

If Raqi is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, personal data may be transferred as part of that transaction, subject to appropriate confidentiality and data protection safeguards.

11. International Transfers

Raqi may process and store personal data in countries other than the country where the data was originally collected.

When we transfer personal data internationally, we take steps designed to protect the data according to applicable legal requirements. These steps may include contractual protections, data processing agreements, standard contractual clauses, transfer impact assessments, or other lawful transfer mechanisms where required.

Business customers are responsible for ensuring that their use of Raqi and their transfer of data to Raqi is permitted under applicable law.

12. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law, contract, platform requirement, dispute resolution, security, or legitimate business needs.

Unless otherwise agreed with a business customer:

  • WhatsApp workflow logs may be retained for operational support, troubleshooting, analytics, audit, and compliance purposes.
  • Message content may be retained as needed to operate and support the workflow.
  • Opt-out and suppression records may be retained as long as necessary to honor unsubscribe and consent preferences.
  • Account, billing, tax, and contract records may be retained as required for legal, accounting, and compliance purposes.
  • Security logs may be retained as needed to detect, investigate, and prevent abuse or unauthorized access.
  • Backups may retain data for a limited period before deletion through the normal backup lifecycle.

When personal data is no longer needed, we delete, anonymize, or securely isolate it according to our retention practices and legal obligations.

13. Data Deletion Requests

13.1 Requests From Business Customers

Business customers may request deletion of their account data, workflow data, Meta/WhatsApp connection data, or other personal data by contacting:

legal@raqi.com

We may need to retain certain information where required by law, contract, security, billing, dispute resolution, or compliance obligations.

13.2 Requests From WhatsApp Message Recipients

If you received a WhatsApp message from a business using Raqi, you should first contact that business directly because it usually controls the message data and decides how it is used.

You may also contact Raqi at:

legal@raqi.com

Please include:

  • Your phone number in international format.
  • The name of the business that messaged you.
  • A screenshot or description of the message, if available.
  • The action you are requesting, such as access, correction, deletion, or opt-out.

We may forward your request to the relevant business customer or act on it where we are able and legally permitted to do so.

13.3 Meta Platform Data Deletion Instructions

If you authorized Raqi through Meta, Facebook, WhatsApp Business Platform, Embedded Signup, or Business Manager and want us to delete data received through Meta platform permissions, you may request deletion by emailing:

legal@raqi.com

Use the subject line:

Meta Data Deletion Request

Please include:

  • Your name.
  • Company name.
  • Meta Business Portfolio ID, if known.
  • WhatsApp Business Account ID, if known.
  • WhatsApp phone number, if relevant.
  • Email address used for the authorization.
  • Description of the data you want deleted.

After we receive and verify your request, we will delete or deauthorize the applicable Meta platform data unless we are required or permitted to retain it for legal, security, compliance, dispute, billing, or legitimate operational reasons.

You may also remove Raqi’s access directly through Meta Business Manager, Business Settings, or the relevant Meta app authorization settings.

14. Security

We use technical, organizational, and administrative safeguards designed to protect personal data, including:

  • Access controls.
  • Role-based permissions.
  • Authentication controls.
  • Encryption in transit where applicable.
  • Secure storage practices.
  • Token and credential protection.
  • Logging and monitoring.
  • Vulnerability and incident management.
  • Backup and recovery controls.
  • Employee and contractor confidentiality obligations.
  • Limiting access to personnel who need data to provide or support the Services.

No system is completely secure. We cannot guarantee that unauthorized access, loss, misuse, or disclosure will never occur, but we work to reduce those risks and respond appropriately if a security incident occurs.

15. Access Tokens and Credentials

When Raqi receives access tokens, API keys, webhook secrets, or similar credentials, we use them only to provide the Services authorized by the business customer.

We take steps designed to protect credentials against unauthorized access and use. Business customers should promptly notify Raqi if they believe credentials have been compromised or if access should be revoked.

16. Your Privacy Rights

Depending on your location and applicable law, you may have rights to:

  • Be informed about how your personal data is used.
  • Access your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion or destruction of personal data.
  • Withdraw consent where processing is based on consent.
  • Object to or restrict certain processing.
  • Request data portability where applicable.
  • Complain to a data protection authority.
  • Request information about sharing or international transfers where applicable.

To exercise your rights, contact:

legal@raqi.com

We may need to verify your identity before responding. If your request relates to a business customer’s workflow, we may refer your request to that business customer or coordinate with them.

17. Saudi Arabia Privacy Rights

Where the Saudi Personal Data Protection Law or related regulations apply, individuals may have rights under that law, including rights to be informed, access personal data, request correction, request destruction of personal data, and withdraw consent where applicable.

Requests may be sent to:

legal@raqi.com

If you are not satisfied with our response, you may have the right to submit a complaint to the competent authority in Saudi Arabia, where applicable.

18. EEA, UK, and Other Regional Rights

Where the GDPR, UK GDPR, or similar laws apply, you may have additional rights, including the right to lodge a complaint with your local supervisory authority.

Where other regional privacy laws apply, we will handle requests according to applicable requirements.

19. Cookies and Similar Technologies

Our website may use cookies and similar technologies to:

  • Operate the website.
  • Remember preferences.
  • Understand website usage.
  • Improve performance.
  • Protect security.
  • Support analytics and marketing where permitted.

You can control cookies through your browser settings. Some website features may not work properly if cookies are disabled.

20. Automated Processing

Raqi may use automated workflow rules to route messages, trigger notifications, update statuses, generate logs, send reminders, or perform similar operational actions configured by a business customer.

Raqi does not use WhatsApp workflow data to make automated decisions that produce legal or similarly significant effects about individuals unless this has been expressly configured by a business customer and is lawful.

21. Children

The Services are intended for use by businesses and are not directed to children.

Business customers must not use Raqi to knowingly collect personal data from children or send WhatsApp messages to children unless they have all required legal authority, parental or guardian consent where required, and appropriate safeguards.

The Services may contain links or integrations to third-party websites, systems, or services. Raqi is not responsible for the privacy practices of third parties. Their own privacy policies apply to their collection and use of personal data.

23. Business Customer Responsibilities

Business customers using Raqi are responsible for:

  • Providing required privacy notices to their customers and message recipients.
  • Obtaining required consent, opt-in, or other lawful permission before sending WhatsApp messages.
  • Ensuring message content is lawful, accurate, and appropriate.
  • Honoring opt-out, unsubscribe, block, and deletion requests.
  • Ensuring connected system data is lawful and relevant.
  • Maintaining their own privacy policy.
  • Complying with WhatsApp Business Platform policies, Meta policies, and applicable law.
  • Avoiding prohibited, restricted, misleading, spam, or abusive messaging.
  • Informing Raqi of any special legal, security, or regulatory requirements that apply to their workflows.

24. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

If we make material changes, we will take reasonable steps to notify affected customers or users, such as posting the updated policy on our website or sending a notice through appropriate channels.

The “Last Updated” date at the top of this Privacy Policy shows when it was last revised.

25. Contact Us

For privacy questions, requests, or complaints, contact us at:

Raqi Technologies FZC LLC Trading as: Raqi Address: Al Zahia Area - Entrance No. 2 - Ground Floor - Sheikh Mohammed Bin Zayed Rd - Sharjah - United Arab Emirates Email: legal@raqi.com Website: https://raqi.com

For Meta platform data deletion requests, use the subject line:

Meta Data Deletion Request

For WhatsApp opt-out or deletion requests, please include the phone number that received the message and the name of the business that contacted you.