GliviBack

Glivi Privacy Policy

Effective Date: 2026-06-18

1. Who We Are

Glivi ("Glivi", "we", "us", or "our") provides a WhatsApp-based customer-chat and customer relationship management (CRM) platform built on the WhatsApp Business Platform and the Meta Cloud API. Glivi enables businesses to receive, manage, and respond to customer conversations on WhatsApp, and to organize related customer and order information in one place.

This Privacy Policy explains what information we process, why we process it, how we protect it, and the rights available to you. It applies to the Glivi service available at https://chat.glivi.co.id (the "Service").

If you have any questions about this policy or about how your data is handled, you can contact us at admin@glivi.co.id.

2. Scope of This Policy

Glivi serves two groups of people:

  • Business users ("Customers" or "Account Holders") — the businesses and their staff who use Glivi to manage WhatsApp conversations and CRM data.
  • End customers — the individuals who message a business through WhatsApp and whose messages and contact details flow into the Service.

For end customers, the business operating the WhatsApp account is generally the data controller, and Glivi acts as a data processor on that business's behalf. For business-user account data, Glivi acts as the controller. This policy describes both relationships.

3. Information We Process

Depending on how the Service is used, we may process the following categories of data:

  • WhatsApp message content — the text, media, attachments, and metadata of messages exchanged between a business and its customers over WhatsApp.
  • Contact and profile information — customer phone numbers, display names, WhatsApp profile names, and similar identifiers provided through the WhatsApp Business Platform.
  • CRM and order data — notes, tags, labels, order or transaction details, and other records that business users associate with a contact inside Glivi.
  • Account data — business-user names, email addresses, login credentials, role and permission settings, and WhatsApp Business Account / phone-number identifiers used to connect the Service.
  • Technical and usage data — IP address, browser and device information, log data, timestamps, and session information generated when the Service is used.

We do not intentionally collect special-category personal data and we ask that business users avoid storing sensitive personal information in free-text fields unless strictly necessary and lawful.

4. Why We Process Data (Purposes and Legal Bases)

We process data to:

  • Deliver the core customer-service and CRM functionality of the Service, including sending and receiving WhatsApp messages through the Meta Cloud API.
  • Authenticate users, maintain sessions, and secure accounts.
  • Organize, search, and display customer conversations and CRM records.
  • Provide support, troubleshoot issues, and maintain and improve reliability of the Service.
  • Comply with legal obligations and enforce our terms.

Where applicable law (such as Indonesia's Personal Data Protection Law or GDPR-style frameworks) requires a legal basis, we rely on: performance of a contract (providing the Service), legitimate interests (security, support, and improvement), consent where required, and compliance with legal obligations.

5. WhatsApp Business Platform and Meta

The Service operates on the WhatsApp Business Platform using the Meta Cloud API. To deliver messaging functionality, message content and related metadata are transmitted through and processed by Meta Platforms, Inc. and its affiliates ("Meta") in accordance with Meta's and WhatsApp's own terms and policies. Your use of WhatsApp messaging through Glivi is therefore also subject to Meta's and WhatsApp's terms.

We use the WhatsApp Business Platform only for permitted business-messaging purposes and we intend to comply with the WhatsApp Business Policy, the WhatsApp Business Messaging Policy, and applicable Meta platform terms. We do not use the platform to circumvent any Meta enforcement, restriction, or ban.

6. How Data Is Stored and Secured

Glivi stores account, conversation, and CRM data on managed hosting infrastructure. We apply technical and organizational measures designed to protect data, including encryption in transit (HTTPS/TLS), access controls and role-based permissions, authentication safeguards, and restricted administrative access. While no system can be guaranteed completely secure, we work to protect data against unauthorized access, loss, or misuse.

7. Data Retention

We retain personal data only for as long as it is needed to provide the Service, to meet the operational needs of the business user who controls it, or to satisfy legal, accounting, or reporting obligations. Business users may delete conversations and CRM records within the Service. When an account is closed, we delete or anonymize associated data within a reasonable period, except where retention is required by law.

8. Third Parties

We share data only as necessary to operate the Service:

  • Meta / WhatsApp — for transmitting and receiving messages via the WhatsApp Business Platform and Meta Cloud API.
  • Hosting and infrastructure providers — for storing and serving the Service.
  • Service providers — supporting analytics, error monitoring, or support functions strictly on our behalf and under appropriate confidentiality and data-protection commitments.
  • Legal and safety — where required by law, regulation, legal process, or to protect rights, safety, and the integrity of the Service.

We do not sell personal data.

9. International Transfers

Because Meta and certain infrastructure providers operate globally, data may be processed in countries other than your own. Where applicable law requires, we take steps designed to ensure that transfers are subject to appropriate safeguards.

10. Cookies and Sessions

The Service uses cookies and similar technologies that are necessary for it to function — for example, to keep business users signed in, maintain session state, and support security. These are essential to delivering the Service. You can control cookies through your browser settings, but disabling essential cookies may prevent the Service from working correctly.

11. Your Rights

Subject to applicable law, you may have the right to access, correct, update, or delete your personal data, to object to or restrict certain processing, to withdraw consent, and to request a copy of your data. End customers should generally direct such requests to the business they messaged on WhatsApp, which controls that data; we will assist that business in responding.

To exercise any right, or to request data deletion, contact us at admin@glivi.co.id. We will respond within the timeframe required by applicable law. You also have the right to lodge a complaint with a competent data-protection authority.

12. Children

The Service is intended for businesses and is not directed to children. We do not knowingly collect personal data from children. If you believe a child's data has been provided to us, contact us at admin@glivi.co.id and we will take appropriate action.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" above and publish the updated version at https://chat.glivi.co.id/privacy. Material changes will be communicated where appropriate.

14. Contact

For any privacy questions, data-deletion requests, or other concerns, contact:

Glivi
Email: admin@glivi.co.id
Web: https://chat.glivi.co.id