Privacy Policy
Last updated: June 23, 2026
Introduction
WardenPoint ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.
Information We Collect
We collect information that you provide directly to us:
- Account information (name, email, company name)
- Billing information (payment method, billing address)
- Recipient data (phone numbers, Telegram usernames)
- Usage data and logs
How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Process transactions and send related information
- Send technical notices and support messages
Data Storage and Security
We protect your data with TLS encryption in transit. Sensitive secrets and integration credentials (such as webhook secrets) are encrypted at rest at the application level. Access is scoped per tenant and limited to least privilege. We keep data only as long as needed (see retention below). We do not claim certifications we have not earned — no ISO 27001, SOC 2, HIPAA or PCI-DSS — and we do not provide end-to-end encryption on messaging channels.
Your Rights
You have the following rights over your personal data. To exercise any of them, email [email protected] — we respond within 30 days. You may also lodge a complaint with your local data-protection supervisory authority.
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Export your data
- Object to processing based on our legitimate interests
- Restrict processing, or withdraw consent at any time
- Lodge a complaint with a supervisory authority
Cookies & analytics
We use only the strictly necessary cookies required to run the site and keep you signed in; these do not require consent. We do not use third-party analytics, advertising or cross-site tracking cookies.
Our role
For data about your WardenPoint account (name, email, company, billing), WardenPoint is the data controller. For the recipient and alert data you upload to route notifications, WardenPoint acts as a data processor on your instructions, and you are the controller; that processing is governed by our Data Processing Agreement.
Legal bases
We process personal data on these bases (GDPR Art. 6): performance of a contract (operating your account and delivering the Service); our legitimate interests (securing the Service, preventing abuse, improving the product); consent where required; and legal obligation (tax, accounting). Where you upload recipient data, you are responsible for the lawful basis and any consent needed to contact those recipients.
Who we share data with
We share personal data only with sub-processors that help us deliver the Service, under data-protection terms: delivery providers (Telegram; Zadarma for SMS and phone calls; WhatsApp and Viber where you enable them), payment processors (MonoPay, and PayPro Global as our merchant of record), and our hosting provider (Hostinger, in the EU/EEA — Lithuania). Voice calls are placed by our own self-hosted telephony, and email is sent from our own mail server. A current list is in our Data Processing Agreement. We do not sell personal data.
How long we keep data
We keep account and billing data for the life of your account and as required by law (e.g. tax records). The audit log is retained for your plan's configured window and then deleted. Voice-call recordings, where produced, have a bounded, configurable retention. On account closure we delete or return personal data within 30 days, except where law requires retention.
International data transfers
WardenPoint stores data on infrastructure located in the EU/EEA (Hostinger, Lithuania), so EU/EEA personal data stays within the EEA. WardenPoint is operated from Ukraine, which currently has no EU adequacy decision; for operator access to that data we rely on the EU Standard Contractual Clauses (and the UK IDTA for UK data) plus a transfer impact assessment. A copy of the safeguards is available on request.
Where recipient data comes from
Where we process data about your recipients, we obtain it from you (our customer), not from the recipients directly. The categories are name/identifier and contact endpoints (phone, email, messenger handle).
Contact Us
If you have questions about this Privacy Policy, please contact us at [email protected]