Get 60 free trial credit of every new sign-up,

Try Now

  +91 76210 73586 [email protected]

Homeour-privacy-policy

our-privacy-policy

Legal Information

1. Introduction

Welcome to SMSLocal.in (hereinafter referred to as “SMSLocal”, “we”, “us”, or “our”). SMSLocal is a brand owned and operated by Swadesh Mobile, providing WhatsApp Business API services, bulk SMS broadcasting, chatbot automation, two-way messaging, and (planned) RCS Business Messaging services to businesses across India and globally.

This Privacy Policy explains how Swadesh Mobile collects, uses, stores, processes, discloses, and protects your information when you visit https://www.smslocal.in, register for an account, purchase or use any of our services, integrate with our APIs, or interact with our support team.

By accessing our website or using any SMSLocal service, you confirm that you have read, understood, and agreed to this Privacy Policy. If you do not agree, please discontinue use of our services immediately.

This Policy should be read together with our Terms & Conditions, Acceptable Use Policy, and any product-specific addenda (such as the WhatsApp Business Service Addendum and the SMS / DLT Addendum).

2. Definitions

  • Personal Information” means any information that relates to an identified or identifiable natural person, as defined under the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000.
  • Customer Data” means information that you, the SMSLocal customer, upload or transmit through our platform — including contact lists, message content, media, and chatbot conversations addressed to your end-recipients.
  • End-Recipient” means the individual to whom you, as our customer, send a WhatsApp message, SMS, or RCS message via the SMSLocal platform.
  • Services” means all SMSLocal products including WhatsApp Business API access, bulk messaging, broadcasting, chatbot builder, shared inbox, analytics, integrations, and any future services such as RCS Business Messaging.

3. Information We Collect

3.1 Information You Provide to Us

  • Account registration data: name, business name, email address, mobile number, password, GSTIN, PAN, billing address, and authorised signatory details.
  • KYC and onboarding documents required for WhatsApp Business API approval, DLT registration, sender ID/header approval, and Green Tick verification.
  • Payment information: card details, UPI ID, bank account details, and transaction records (processed through PCI-DSS compliant payment gateways; we do not store full card numbers on our servers).
  • Communications you send to our sales, support, billing, or grievance teams (including email, ticket, chat, and call recordings, where applicable).

3.2 Customer Data You Upload to Process

  • End-recipient contact lists (mobile numbers, names, custom attributes, opt-in records).
  • Message content — including text, media, templates, chatbot flows, and quick replies — that you create or send through our platform.
  • Two-way conversation transcripts and chatbot session data.

3.3 Information Collected Automatically

  • Device and connection data: IP address, browser type, device identifiers, operating system, time zone, and language settings.
  • Usage data: pages visited, features used, API calls made, campaign statistics, and platform interactions.
  • Delivery, read, and engagement metadata returned by Meta (WhatsApp), telecom operators (SMS), and Google (RCS).
  • Cookies, web beacons, and similar tracking technologies — see Section 11 below.

3.4 Information from Third Parties

  • Identity verification, anti-fraud, and credit-risk information from authorised partners.
  • Profile data from authentication providers if you sign in via Google, Microsoft, or similar services.
  • Information provided by Meta, telecom operators, payment processors, and integration partners (e.g., Shopify, WooCommerce, Zoho).

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage your SMSLocal account, verify your identity, and complete KYC, DLT, and WhatsApp Business onboarding.
  • To deliver the Services you subscribe to — including dispatching WhatsApp, SMS, and (in future) RCS messages on your behalf.
  • To process payments, issue invoices, calculate wallet balances, and manage subscriptions.
  • To provide customer support, respond to grievances, and resolve technical issues.
  • To improve, troubleshoot, and develop new features for our platform.
  • To send service notifications, security alerts, billing reminders, and policy updates (these are transactional and cannot be opted out of while you remain a customer).
  • To send promotional communications about our Services — you may opt out of marketing emails at any time.
  • To detect, prevent, and investigate fraud, abuse, spam, security incidents, and violations of our Acceptable Use Policy.
  • To comply with applicable laws, regulatory obligations, court orders, and lawful requests from government authorities in India and abroad.

5. WhatsApp Business API & Meta Compliance

As an authorised WhatsApp Business Solution Provider (BSP), SMSLocal is bound by the WhatsApp Business Solution Terms, the WhatsApp Business Messaging Policy, and the WhatsApp Commerce Policy issued by Meta Platforms, Inc.

  • Customer Data transmitted via the WhatsApp Business API is processed on Meta-hosted infrastructure as well as our own servers, in accordance with Meta’s data handling requirements.
  • You confirm that you have obtained valid opt-in consent from every End-Recipient before sending any WhatsApp message via SMSLocal.
  • We do not use End-Recipient phone numbers, message content, or media for any purpose other than facilitating delivery on your behalf and complying with Meta’s policies.
  • Meta may apply quality ratings, throughput limits, and template restrictions to your WhatsApp Business account; we will pass on these decisions but are not responsible for them.

6. SMS, DLT & TRAI Compliance

All SMS services delivered through the SMSLocal platform comply with the Telecom Regulatory Authority of India (TRAI) Telecom Commercial Communications Customer Preference Regulations, 2018 (TCCCPR-2018), and the Distributed Ledger Technology (DLT) framework operated by Indian telecom operators.

  • Customers are required to complete Entity Registration, Sender ID/Header Registration, and Template (Content) Registration on a DLT platform (Jio, Airtel, Vi, or BSNL) before sending SMS through SMSLocal.
  • We retain consent records, scrubbing logs, and DLT identifiers for the period mandated by TRAI and the relevant access providers.
  • Promotional SMS is honoured only outside Do-Not-Disturb (DND) hours; service and transactional categories follow TRAI’s defined exceptions.

7. RCS Business Messaging (Planned Service)

SMSLocal operates an RCS Business Messaging (RBM) service in partnership with Google and authorised carrier aggregators (Infobip). When you opt in to receive RCS messages from SMSLocal, the following applies:

What we collect

  • Mobile number (provided at signup)
  • Opt-in timestamp and IP address (audit evidence of consent)
  • Message delivery status (sent, delivered, read, failed)
  • Interaction events (button taps, suggested-reply postbacks, opt-out keyword replies)
  • Opt-out preferences (rcs_unsubscribes table + per-user opt-in flag on your account)

How we use it

  • To deliver the RCS messages you have consented to receive (onboarding, transactional, opt-in promotional)
  • To honour STOP / UNSUBSCRIBE / CANCEL / END / QUIT keyword replies and in-app opt-out toggles within seconds
  • To respond to HELP / INFO keyword replies with brand support information
  • To produce delivery and engagement reports for the SMSLocal account holder

Legal basis
Explicit consent collected at smslocal via a pre-unticked checkbox that the user must tick to complete registration. Submissions without consent are rejected server-side.

Your rights

  • Opt out instantly via reply keyword (STOP, UNSUBSCRIBE, CANCEL, END, QUIT, OPTOUT — case-insensitive) or via Settings → Notifications → toggle “Receive RCS messages from SMSLocal” off
  • Email request to [email protected] (handled within 24 hours)
  • Access / delete personal data by contacting [email protected]
  • Once opted out, your number is added to a suppression list and receives no further RCS messages from us

Third parties
RCS messages are routed through Infobip (carrier aggregator) and Google’s RBM platform. Their handling of routing data is governed by Google’s RCS Business Messaging Terms of Service and Infobip’s Privacy Policy.

Retention
Opt-in/opt-out timestamps and audit logs are retained for 24 months after account closure to comply with carrier and regulatory requirements. Message bodies are retained for 90 days.

8. Data Sharing and Disclosure

We do not sell, rent, or trade your Personal Information or Customer Data. We share information only as follows:

  • With Meta Platforms (for WhatsApp messaging) and Google (for RCS), as strictly necessary to deliver the Services.
  • With Indian telecom operators and DLT registrars to deliver SMS and OTP traffic and to fulfil regulatory recordkeeping.
  • With payment processors, banks, and tax authorities to process payments and issue invoices.
  • With authorised sub-processors and infrastructure providers (e.g., cloud hosting, email delivery, analytics, KYC) under written confidentiality and data protection obligations.
  • With our channel partners, resellers, or affiliates only to the extent required to provision your account and provide support.
  • With professional advisors (auditors, lawyers, insurers) under confidentiality.
  • With law enforcement, regulators, or other government authorities when we are legally compelled to do so, or when disclosure is necessary to protect our rights, property, or the safety of users and the public.
  • With a successor entity in the event of a merger, acquisition, restructuring, or sale of assets, with notice to affected users.

9. Data Retention

We retain Personal Information and Customer Data only for as long as necessary to fulfil the purposes for which it was collected, to provide the Services, to comply with our legal and regulatory obligations (including TRAI/DLT recordkeeping, GST and income tax laws), to resolve disputes, and to enforce our agreements.

  • Account and KYC records: retained for the life of the account plus the periods required by Indian law (typically 5–8 years after account closure).
  • Message metadata and delivery logs: retained for up to 180 days in active storage and longer in archival storage where required by regulators.
  • Billing, invoicing, and tax records: retained for at least 8 years.
  • Customer-uploaded contact lists and chatbot data: retained while your account is active and deleted within 90 days of account closure, unless a longer period is required by law or by you.

10. Your Rights

Subject to applicable law, you have the following rights in respect of your Personal Information:

  • Right to access — obtain a summary of the Personal Information we hold about you.
  • Right to correction and updation — request correction of inaccurate or incomplete information.
  • Right to erasure — request deletion of Personal Information that is no longer necessary, subject to legal retention requirements.
  • Right to grievance redressal — escalate complaints to our Grievance Officer (see Section 17).
  • Right to nominate — appoint another person to exercise your rights in the event of death or incapacity.

10.1 Additional Rights for EU/EEA Users (GDPR)

If you are located in the European Union or European Economic Area, the General Data Protection Regulation (Regulation (EU) 2016/679) grants you additional rights, including the right to object to processing, the right to restrict processing, the right to data portability, and the right to lodge a complaint with your local Supervisory Authority. Where we process your data as a data processor on behalf of one of our customers, you should direct your request to that customer (the data controller). Where we process your data as a data controller (for example, your account information), you may contact us directly using the details in Section 19.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as pixels, local storage, and SDKs) to operate the website, remember your preferences, secure your account, measure usage, and improve our Services. You can control cookies through your browser settings; disabling certain cookies may, however, limit features such as auto-login and analytics personalisation.

12. International Data Transfers

Your information may be processed and stored in India and in other countries where our service providers (including Meta, Google, and our cloud-hosting partners) operate. Where data is transferred outside your country of residence, we rely on appropriate safeguards such as Standard Contractual Clauses, intra-group data transfer agreements, and service provider certifications to protect your information.

13. Children’s Privacy

SMSLocal is intended exclusively for use by businesses and individuals over the age of 18 years. We do not knowingly collect Personal Information from children. If you believe a child has provided Personal Information to us, please contact us and we will take prompt steps to delete such information.

14. Third-Party Websites and Integrations

Our website and platform may contain links to, or integrations with, third-party websites and services (including Shopify, WooCommerce, Zoho, Razorpay, Stripe, Meta, and Google). We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before sharing any information.

15. Data Security

We implement and maintain reasonable technical, administrative, and physical security measures designed to protect Personal Information from unauthorised access, alteration, disclosure, or destruction. These measures include TLS/SSL encryption in transit, encryption at rest for sensitive fields, role-based access controls, multi-factor authentication for administrative access, secure cloud hosting, periodic vulnerability assessments, and employee confidentiality obligations.

Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. You are responsible for keeping your account credentials confidential and notifying us immediately at [email protected] if you suspect any unauthorised access to your account.

16. Government and Law Enforcement Requests

Swadesh Mobile cooperates with valid requests from Indian and foreign government, security, defence, revenue, regulatory, and law enforcement authorities. We may disclose Personal Information and Customer Data when we are legally compelled to do so, when we believe in good faith that disclosure is necessary to comply with the law, to enforce our Terms, to protect our users, or to investigate fraud or threats to public safety.

17. Grievance Officer

In accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023, the contact details of our Grievance Officer are set out below. Complaints will be acknowledged within 48 hours and resolved within the timelines prescribed by law.

  • Grievance Officer: [Name to be appointed by Swadesh Mobile]
  • Entity: Swadesh Mobile (operator of SMSLocal.in)
  • Email: [email protected]

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. The updated version will be posted on this page with a revised “Last Updated” date. Where the changes are material, we will provide additional notice (such as via email or in-product notification). Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes.

19. Contact Us

If you have any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us at:

Log In
₹60 Free Credit