Kredoo ("Kredoo", "we", "us", "our") is a customer relationship management and WhatsApp engagement platform built by ElevAIte Labs and available at kredoo.in. This policy explains what information we collect, how we use and protect it, who we share it with, and the choices you have.
1. Who this policy covers
- Visitors: people browsing kredoo.in or submitting our contact and get-started forms.
- Customers: businesses that hold a Kredoo workspace, and the team members they invite.
- End customers: the leads and contacts whose details our customers manage inside their workspace, including people who message a business on WhatsApp or book an appointment through a Kredoo booking link.
2. Our two roles
For visitor and customer account data, Kredoo decides how the data is used, so we act as the data fiduciary (controller). For the leads, contacts, conversations and files a business stores in its workspace, that business owns the data and decides how it is used; Kredoo only processes it on their instructions as a data processor. If you are an end customer and want your data corrected or deleted, the fastest route is to contact the business you interacted with. You can also write to us and we will pass the request on.
3. Information we collect
- Account information: name, email address, phone number, role, and login credentials (passwords are stored hashed, never in plain text).
- Workspace content: leads and contacts, pipeline stages, notes, tasks, custom fields, bookings, uploaded files and brochures, and campaign settings that customers add to their workspace.
- WhatsApp conversation data: messages sent and received through the WhatsApp Business Platform, delivery and read receipts, button and survey responses, and opt-out requests. Media received on WhatsApp is stored so conversations stay complete.
- Form submissions: details you send us through the get-started or contact forms, such as your name, business name, phone and email.
- Usage and log data: IP address, browser and device type, pages viewed, API activity and error logs, used for security, debugging and service improvement.
- Cookies and local storage: strictly for keeping you signed in and remembering preferences. We do not run third-party advertising trackers on kredoo.in.
4. How we use information
- To provide, operate and secure the Kredoo platform.
- To deliver WhatsApp messages, campaigns, reminders and automations that our customers configure.
- To respond to enquiries and provide customer support.
- To monitor service health, prevent abuse and fix bugs.
- To send customers service updates about their own workspace.
- To comply with legal obligations.
We do not sell personal data. We do not use workspace content to train AI models for other customers or third parties.
5. WhatsApp messaging
Kredoo sends and receives WhatsApp messages through the WhatsApp Business Platform provided by Meta. Message content is transmitted through Meta's systems, and use of WhatsApp is also governed by WhatsApp's Privacy Policy. Business-initiated messages use templates that Meta reviews and approves. If you no longer want messages from a business using Kredoo, reply STOP to any of its messages; Kredoo detects opt-outs automatically and permanently excludes that number from future campaigns of that business.
6. Who we share information with
- Meta Platforms: to deliver WhatsApp messages and, where a customer connects Meta Lead Ads, to receive the leads their ad forms generate.
- Hosting and infrastructure providers: our servers and databases are operated on reputable hosting infrastructure, with access limited to what is needed to run the service.
- Service providers: tools we use to run Kredoo (for example email delivery or AI-assisted replies where a customer enables them), bound to process data only for us.
- Legal requirements: when required by law, regulation or a valid legal process.
7. Security
All traffic to kredoo.in is encrypted with HTTPS. API credentials and access tokens (including WhatsApp system tokens) are stored encrypted at rest and are not visible to workspace members. Access to workspaces is role-based, and every workspace's data is isolated from other customers. No system is perfectly secure, but we review and improve our safeguards continuously.
8. Data retention and deletion
We keep data for as long as a workspace is active or as needed to provide the service. Customers can delete leads, conversations and files from their workspace at any time. When a workspace is closed, its data is deleted from our systems within a reasonable period, except where the law requires us to keep specific records. Anyone can request deletion of their personal data by writing to team@kredoo.in.
9. Your rights
Subject to applicable law, including India's Digital Personal Data Protection Act, 2023, you may request access to, correction of, or deletion of your personal data, ask for a copy of it, or withdraw consent to marketing messages at any time. To exercise any of these rights, email team@kredoo.in. We respond to verified requests within a reasonable time.
10. Children
Kredoo is a business tool and is not directed at children. We do not knowingly collect personal data from anyone under 18.
11. Changes to this policy
We may update this policy as Kredoo evolves. The date at the top reflects the latest revision, and material changes will be communicated to customers through the platform or by email.
12. Contact us
For any privacy question, request or complaint, contact ElevAIte Labs at team@kredoo.in.