Privacy Policy

Last Updated: October 6, 2025

            Important: This is a legitimate, private web application designed for authenticated users to manage WhatsApp message forwarding. We take your privacy and security seriously.
        

1. Information We Collect

Our application collects and processes the following information:

Account Information: Username and encrypted password for authentication
WhatsApp Session Data: Temporary session tokens to connect to WhatsApp Web (stored locally on your browser)
Configuration Data: Your selected source and destination groups/chats for message forwarding
Message Logs: Basic logging of forwarded messages for application functionality

2. How We Use Your Information

We use the collected information solely for:

Authenticating users and maintaining secure sessions
Connecting to WhatsApp Web on your behalf
Forwarding messages between your selected groups/chats as configured
Maintaining application functionality and troubleshooting issues

3. Data Storage and Security

We implement industry-standard security measures:

Encryption: All passwords are encrypted using bcrypt hashing
Secure Communication: HTTPS encryption for all data transmission in production
Database Security: MongoDB with secure connection strings and access controls
Session Management: Secure JWT-based authentication with httpOnly cookies
Local Storage: WhatsApp session data is stored locally in your browser and on the server

4. Data Sharing

We do not share, sell, or distribute your data to third parties. Your information is used exclusively for the operation of this application.

5. WhatsApp Integration

This application uses the unofficial WhatsApp Web API (whatsapp-web.js) to connect to WhatsApp:

We do not have access to your WhatsApp account credentials
Authentication is performed through WhatsApp's official QR code scanning mechanism
The application operates within WhatsApp's terms of service for personal use
This is not an official WhatsApp product

6. User Rights

You have the right to:

Access your stored configuration data at any time
Modify or delete your message forwarding settings
Disconnect from WhatsApp Web at any time using the logout feature
Request deletion of your account and associated data

7. Data Retention

We retain your data only as long as necessary:

Account data is retained while your account is active
WhatsApp session data is automatically cleared when you log out
Message logs are kept for operational purposes and may be periodically purged

8. Cookies and Sessions

We use essential cookies for:

User authentication (JWT tokens)
Session management
Admin override functionality (for authorized administrators only)

9. Security Measures

Our application implements multiple security layers:

Content Security Policy (CSP) headers
XSS protection and MIME type sniffing prevention
Clickjacking protection (X-Frame-Options)
HTTPS enforcement in production
Strict Transport Security (HSTS)

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

11. Contact Information

If you have questions about this privacy policy or your data, please contact the application administrator.

            Note: This application is designed for legitimate personal use. Any misuse, including spamming or violating WhatsApp's terms of service, is strictly prohibited and may result in account termination.
        

← Back to Application