Privacy Policy

Nautix helps teams communicate with customers on WhatsApp. This policy covers data handled by our website, products, APIs, and support channels.

• Account data: Name, email, company, role, billing details.
• Usage data: Feature interactions, device/browser info, performance metrics.
• Content data: Messages, media, and metadata you send or receive through Nautix.
• Integration data: Fields you sync from CRMs, support tools, or warehouses.
• Support data: Tickets, call notes, and diagnostics you share with our team.

Sensitive data: We do not ask for sensitive personal data. If you sync it, you are responsible for having a lawful basis to process it.

• Provide and secure the product, including fraud prevention and abuse detection.
• Improve performance and reliability through analytics and diagnostics.
• Send product updates, billing notices, and security alerts.
• Offer support, onboarding, and training when you request it.
• Comply with legal obligations and enforce our terms.

We process data under legitimate interest (product delivery, security), contract necessity (providing services), and consent (where required for marketing or specific data types).

• Vendors: Hosting, observability, and communications providers under data protection agreements.
• Integrations: Systems you connect (CRM, support, data warehouse) as configured by you.
• Compliance: Disclosures required by law, regulation, or to protect rights and safety.

We do not sell personal data.

We use encryption in transit, access controls, audit logging, and least-privilege access. Credentials and secrets are stored securely and rotated regularly.

If we become aware of a breach affecting your data, we will notify you without undue delay with details and remedial steps.

We retain data for as long as needed to provide services, meet legal requirements, and resolve disputes. You can request deletion of specific data where legally permitted.

Backups are purged on a rolling schedule. Data in logs and analytics may persist for a limited time for security and auditing.

• Access, correct, or delete personal data.
• Export data where applicable.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.

Contact us at privacy@nautix.io to exercise these rights. We respond within applicable legal timelines.

When data moves across regions, we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms where required.

We use cookies for authentication, session continuity, and analytics. You can manage cookies through your browser settings; some features may require essential cookies.

We may send you product updates or offers. You can opt out at any time from the email footer or by contacting us. Service notifications (billing, security) are transactional and not optional.

Nautix is not directed to children under 16, and we do not knowingly collect data from them. If you believe we have, contact us to remove it.

If you control personal data, you are responsible for providing your end-users with notice and obtaining any necessary consents for processing through Nautix and your integrations.

We use vetted subprocessors for hosting, messaging, analytics, and support. A current list is available on request; we will notify customers of material changes where legally required.

We may update this policy. Material changes will be communicated via product notices or email. Continued use after updates means you accept the revised policy.

Email privacy@nautix.io or write to Nautix Privacy, The Piano, 8th Floor, Brookside Drive, Westlands, Nairobi.