Legal · Product Policy
Privacy Policy
WhatsApp Commerce Worker
Last updated: April 25, 2025 · Operated by: SAMSBPM Technologies Inc.
1. Who We Are
WhatsApp Commerce Worker is a multi-tenant SaaS platform that enables retail businesses (“Merchants”) to sell products and manage orders through WhatsApp Business messaging. The platform is operated by SAMSBPM Technologies Inc. (“Platform Operator”, “we”, “us”).
2. Roles and Responsibilities
This policy covers the Platform Operator’s data practices. Each Merchant is responsible for maintaining their own privacy policy governing their end-user relationships.
| Role | Description |
|---|---|
| Platform Operator | Operates the Cloudflare Worker infrastructure; provides the commerce bot software |
| Merchant (Tenant) | Each business registered on the platform; acts as an independent data controller for their customers |
| End User | The WhatsApp user who messages a Merchant's business number |
3. Data Collected
3a. Data Collected from End Users (WhatsApp Customers)
The following data is collected from End Users who message a Merchant’s WhatsApp Business number:
| Data | When Collected | Purpose |
|---|---|---|
| WhatsApp phone number | On every message | Session identification; customer lookup in Merchant's backend |
| Full name | During checkout (optional for returning customers) | Order fulfillment |
| Email address | During checkout (explicitly optional — user may skip) | Order confirmation |
| Cart contents | During shopping session | Order processing |
| Selected pickup location | During checkout | Order fulfillment |
| Conversation state | Throughout session | Routing user through commerce flow |
| Message history | Only when AI mode is enabled (last 20 turns) | Natural language understanding via GPT-4o-mini |
3b. Data NOT Collected
- Message media (images, audio, video, documents) — only text and interactive reply IDs are processed
- Payment card or financial data
- Device identifiers beyond phone number
- Location data
- Contact lists
4. How Data Is Used
- Session data is used exclusively to route users through the conversational commerce flow (browse products, add to cart, place orders, check order status).
- Phone number is used to look up returning customers from the Merchant’s backend so they don’t need to re-enter their name and email.
- Name and email are transmitted to the Merchant’s backend solely when an order is placed, to fulfill that order.
- Message history (when AI mode is enabled) is passed to OpenAI’s GPT-4o-mini API to enable natural language shopping; history is capped at 20 turns and cleared when the user resets the conversation.
5. Data Sharing
We share data with the following parties only as necessary to operate the service:
| Party | Data Shared | Basis |
|---|---|---|
| Merchant's backend | Phone number, name, email, order items, pickup location | Order fulfillment |
| Meta Platforms | WhatsApp messages (text, interactive replies) | Message delivery via Cloud API v19.0 |
| OpenAI (if AI mode enabled) | Conversation history (last 20 turns) | Natural language processing |
| Cloudflare | Session data stored in Cloudflare KV | Infrastructure provider |
We do not sell user data. We do not use user data for advertising.
6. Data Retention
| Data | Retention Period |
|---|---|
| User sessions (cart, state, customer info) | 24 hours — automatically deleted by Cloudflare KV expiry |
| Idle session reset | 30 minutes of inactivity — cart and order state reset; customer name/email preserved until 24h expiry |
| Tenant (Merchant) configuration | Until the Merchant is removed via the Admin API |
| Order and customer records | Retained by the Merchant's own backend per their data policy; the platform does not independently store order history |
7. Security
We implement the following security measures:
- Webhook authentication — Every inbound message is validated using HMAC-SHA256 with a secret key before processing. The comparison is timing-safe to prevent timing attacks.
- Admin API protection — Platform administration endpoints require a bearer token.
- Secret management — Meta access tokens and API keys are stored as encrypted secrets in Cloudflare Workers — never in source code or configuration files.
- Tenant isolation — Each Merchant’s sessions are stored under a namespace keyed by their unique WhatsApp Phone Number ID. Tenants cannot access each other’s data.
- Token redaction — Sensitive tokens are masked (
***) in all API read responses.
8. User Rights
Session data expires automatically within 24 hours. There is no action required to delete it.
For order history, customer profile, or other data held by the Merchant’s backend, End Users should contact the Merchant directly.
For questions about data held at the platform level, contact us at: samudralasudheer@samsbpm.ca
9. Merchant Obligations
Each Merchant registered on this platform agrees to:
- Maintain their own privacy policy covering their end-user data practices
- Use the platform only for legitimate commerce purposes (responding to customer-initiated messages)
- Not use the platform to send unsolicited marketing messages
- Comply with Meta’s WhatsApp Business Policy and applicable data protection laws
10. Changes to This Policy
We may update this policy periodically. The “Last updated” date at the top reflects the most recent revision. Continued use of the platform constitutes acceptance of the updated policy.
11. Contact
For privacy questions or data requests related to this platform:
SAMSBPM Technologies Inc.
Email: samudralasudheer@samsbpm.ca
Address: 20 Peter Hogg Crt, Whitby, ON, Canada, L1P 0N1