Privacy Policy — Goren Apps

1. Overview

Goren Apps ("we," "us," or "our") operates WhatsApp-based business communication services. This Privacy Policy explains how we collect, use, store, and protect personal information in connection with those services. By using our services, you agree to the practices described in this policy.

We are committed to handling personal data responsibly and in accordance with applicable data protection laws.

2. Information We Collect

We may collect the following categories of personal information:

Phone numbers — collected when a user opts in to receive WhatsApp messages from a business using our platform.
WhatsApp messages — content of messages sent and received through our services, including text and metadata associated with those messages.
Message metadata — delivery status, timestamps, read receipts, and other technical data generated during message transmission.
Business contact information — contact details provided by businesses that engage our services, such as email addresses and business names.

We may store and process WhatsApp messages and related metadata to provide and improve our services.

3. How We Use Your Information

Personal data is used for the following purposes:

To deliver WhatsApp-based messaging services on behalf of businesses whose customers have opted in.
To maintain message delivery records and audit logs for service reliability and compliance.
To improve service quality, diagnose technical issues, and optimize messaging workflows.
To respond to user requests, including opt-out requests and data deletion requests.
To meet our legal and contractual obligations.

We do not use personal data for unsolicited marketing and we do not sell personal data to third parties.

4. Data Storage and Retention

Message content and related metadata may be stored temporarily to support service delivery and quality assurance. By default, stored messages are retained for up to 30 days. Businesses using our platform may configure shorter retention periods.

Upon receiving a verified deletion request from a user, we will delete their data from our active systems within a reasonable timeframe, subject to any legal obligations that require longer retention.

5. Third-Party Service Providers

We use third-party providers to operate our services. Data may be processed by or transmitted through these providers in the course of delivering our messaging services:

Twilio — used for WhatsApp Business API access, message routing, and delivery infrastructure.
WhatsApp / Meta — messages are transmitted via the WhatsApp platform, which is operated by Meta Platforms, Inc. WhatsApp's own terms and privacy policy apply to message transmission on their platform.

These providers operate under their own privacy policies and data processing agreements. We select providers that maintain reasonable data protection standards.

6. User Rights

If you have received messages through our platform, or if your data has been processed by our systems, you have the following rights:

Opt out: You may opt out of receiving WhatsApp messages at any time by replying "STOP" to any message or by contacting us directly.
Request deletion: You may request deletion of your personal data by emailing [email protected] with the subject line "Data Deletion Request" and your phone number. We will process your request within 30 days.
Request access: You may request information about what personal data we hold about you.
Correction: You may request correction of inaccurate personal data.

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within 30 days.

7. Security

We apply reasonable technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These measures include access controls, encrypted data transmission, and restricted data access within our organization.

No method of transmission over the internet or electronic storage is completely secure. While we take data security seriously, we cannot guarantee absolute security.

8. Children's Privacy

Our services are not directed at individuals under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of our services after changes are posted constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions, data requests, or opt-out requests, please contact us:

Goren Apps, operated by Dalit Ginbar
Business Registration No. 31734106
Yassur, 20150, Israel
Email: [email protected]