Hospifi.io
Get Started Free

Privacy Policy

Last updated: April 24, 2026

Introduction

Hospifi ("we," "us," or "our") provides software that helps businesses manage customer communications, operations, and connected messaging channels. This Privacy Policy explains what information we collect, how we use it, how we share it, and the choices available to you when you use our websites, applications, APIs, and related services (collectively, the "Service").

If you connect Meta products through Hospifi, including the WhatsApp Business Platform (Cloud API and Embedded Signup, including coexistence), Facebook, or Instagram, the Meta- and WhatsApp-specific sections below also apply.

Our Role

Depending on the context, Hospifi may act in different roles:

  • As a controller for information about our own website visitors, account owners, administrators, billing contacts, and direct business relationships.
  • As a processor or service provider for message content, contact data, and related communication records that a business customer chooses to process through Hospifi.

If you are an end user communicating with a business that uses Hospifi, that business is usually the primary party responsible for the conversation and its lawful use. In many cases, you should direct privacy requests to that business first, and we will assist where required by law or by our contractual obligations.

Information We Collect

Account and Business Information

When you create or manage a Hospifi account, we may collect information such as your name, business name, email address, phone number, venue or workspace details, user role, authentication data, and other account administration information.

Usage and Technical Data

We automatically collect technical information about how the Service is accessed and used, such as IP address, browser and device information, operating system, approximate location derived from IP, pages viewed, request timestamps, error logs, and security events.

Payment Information

If you make a purchase, our payment providers collect billing and payment information necessary to process the transaction. We do not store full payment card numbers.

Cookies and Similar Technologies

We use cookies and similar technologies to keep you signed in, remember preferences, secure sessions, understand usage, and improve the Service.

Integration and Connected Account Data

If you connect third-party platforms to Hospifi, we may receive or generate information needed to provide the integration. For Meta-connected products, this may include:

  • business portfolio, Page, Instagram account, WhatsApp Business Account, and phone number identifiers;
  • account names, display names, verified names, business profile details, and channel metadata;
  • granted permissions, scopes, onboarding session information, webhook subscription state, and account health or status information;
  • encrypted credentials, token references, or other authentication artifacts required to keep the integration working.

Communications and Customer Data

When a connected business uses Hospifi for messaging, we may process:

  • message content, attachments, templates, and message metadata;
  • sender and recipient identifiers such as phone numbers, WhatsApp IDs, profile names, Page-scoped IDs, and timestamps;
  • delivery, read, error, status, and event data returned by the connected platform;
  • customer support requests and account communications sent to Hospifi.

WhatsApp Business App Coexistence and Synchronization Data

If a business connects an existing WhatsApp Business app number to Cloud API through Hospifi using Embedded Signup coexistence, and the business authorizes the sync, we may receive and process additional data such as:

  • onboarding session logging data and related business asset IDs;
  • account update, offboarding, reconnection, and disconnection events;
  • synchronized business contact information from the WhatsApp Business app;
  • mirrored business-sent messages from the WhatsApp Business app or supported companion devices;
  • message history and related metadata shared through Meta's synchronization features, which may cover up to the most recent 180 days of eligible one-to-one message history, subject to Meta platform limits and the business customer's choices.

How We Use Information

We use the information we collect to:

  • provide, operate, maintain, and secure the Service;
  • create and manage accounts, venues, workspaces, and permissions;
  • connect, onboard, and manage third-party integrations, including Meta products and the WhatsApp Business Platform;
  • send, receive, route, display, synchronize, and troubleshoot customer communications;
  • process coexistence onboarding, webhook events, message history synchronization, contact synchronization, and account status changes;
  • provide customer support, billing, and account communications;
  • monitor performance, investigate abuse, prevent fraud, and improve reliability and security;
  • comply with applicable law, enforce our agreements, and meet obligations imposed by Meta, WhatsApp, payment providers, and other service partners.

How We Handle WhatsApp Business Platform Data

When Hospifi processes data obtained through the WhatsApp Business Platform on behalf of a connected business customer, we do so only to provide the requested messaging and related services, in accordance with that customer's instructions or authorization and applicable law.

We do not sell WhatsApp Business Platform user data. We also do not use WhatsApp Business Platform user data for our own unrelated advertising, retargeting, or independent profile-building purposes.

How We Share Information

We may share information with:

  • the business customer and its authorized users, administrators, agents, and service providers;
  • Meta, WhatsApp, Facebook, Instagram, and other connected platforms when necessary to provide the requested integration or messaging service;
  • infrastructure, hosting, authentication, email, analytics, error monitoring, payment, and support vendors acting on our behalf;
  • professional advisers, auditors, insurers, regulators, courts, law enforcement, or other authorities when required by law or reasonably necessary to protect rights, safety, and the integrity of the Service;
  • a successor entity in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality protections.

We do not sell personal information.

Data Retention

We retain information for as long as reasonably necessary to provide the Service, maintain active accounts and integrations, resolve disputes, enforce agreements, and comply with legal obligations.

Retention periods may vary by data type. For example:

  • account, billing, and support records may be retained while an account remains active and for a period afterward for legitimate business and legal reasons;
  • integration credentials and webhook state may be retained until they are revoked, rotated, disconnected, or no longer needed;
  • messaging records, synchronized contacts, and message history data may be retained according to customer instructions, workspace configuration, operational needs, and applicable law;
  • limited security, audit, and compliance records may be retained after account closure or integration disconnection, including records relating to our access to and use of WhatsApp Business Platform data where retention is required by applicable law or applicable Meta business messaging terms.

Data Security

We use technical and organizational measures designed to protect information against unauthorized access, disclosure, alteration, and destruction. These measures may include access controls, encryption for sensitive credentials where supported, logging, monitoring, and environment-level secret management. No system is completely secure, however, and we cannot guarantee absolute security.

Your Rights and Choices

Depending on your location and the context in which we process your data, you may have rights to access, correct, export, delete, or restrict the use of your personal information, or to object to certain processing.

If you are a Hospifi customer or account user, you can contact us at privacy@hospifi.io to exercise applicable rights.

If you are an end user who communicated with a business through Hospifi, please contact that business first. We may refer your request to the relevant business customer and support them in responding where appropriate.

Data Deletion and Disconnection

You may request deletion of the information we hold about you by emailing privacy@hospifi.io. We may need to verify your identity and authority before processing the request.

If you connected a Meta, Facebook, Instagram, or WhatsApp integration to Hospifi, you can also disconnect the integration through Hospifi and, where supported, through the relevant Meta or WhatsApp settings. For WhatsApp Business app coexistence connections, disconnection may also be initiated from the WhatsApp Business app where Meta makes that option available.

Disconnecting an integration will usually stop future collection through that integration, but it may not immediately remove data we are required to keep for security, legal, accounting, fraud prevention, audit, or platform-compliance reasons.

If you connected Hospifi through Meta's app and website settings, you may also use Meta's app removal or data deletion controls. If we receive a signed deletion request from Meta, we will process it in accordance with applicable law and our obligations to the requesting user or business.

Public deletion instructions are also available at https://www.hospifi.io/data-deletion.

International Data Transfers

Your information may be processed in countries other than the one in which you live. Where required, we take steps designed to ensure appropriate safeguards are in place for cross-border transfers.

Children's Privacy

The Service is intended for businesses and adults. It is not directed to children under 13, and we do not knowingly collect personal information directly from children under 13. If you believe a child has provided us with personal information, contact us and we will investigate and take appropriate action.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above. If we make material changes, we may provide additional notice through the Service, by email, or by other appropriate means.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at privacy@hospifi.io.

Back to Home