Back to Axilrate

Legal

Privacy Policy

Last updated: April 2026

1. Introduction

Axilrate (“Axilrate”, “we”, “us”, or “our”) is committed to protecting personal data and ensuring transparency in how such data is collected, used, and processed.

This Privacy Policy describes how we process personal data in connection with our marketing automation platform (“Platform”) and is designed to comply with applicable data protection laws, including the Digital Personal Data Protection Act, 2023.

2. Scope and Roles

This Privacy Policy applies to:

  • Customers using the Platform
  • Personal data processed on behalf of Customers
  • Visitors to our website

For the purposes of applicable data protection laws:

  • Customers act as Data Controllers (Data Fiduciaries)
  • Axilrate acts as a Data Processor

Axilrate does not determine the purposes or means of processing End User data.

3. Categories of Personal Data We Process

3.1 Customer Account Data

We collect and process:

  • Name, email, contact details
  • Organization and billing information

3.2 End User Data (Customer-Controlled)

Customers may upload and process:

  • Phone numbers and identifiers
  • Message content and communication history
  • Campaign and targeting data

Axilrate processes this data solely on Customer instructions.

3.3 Device, Network, and Technical Data

We may collect:

  • Device type, operating system, and screen resolution
  • Mobile network and carrier information
  • IP address and approximate location (such as city-level location)
  • Browser type and device configuration

3.4 Usage and Behavioral Data

We may process:

  • Time and frequency of access
  • Interaction events (such as message opens, clicks, and responses)
  • Activity on Customer-integrated platforms
  • Session logs and engagement patterns

3.5 Payment and Transaction Data

We may process:

  • Payment method type (e.g., card, UPI, wallet)
  • Transaction status and metadata

Full payment credentials are handled by third-party providers and are not stored or accessed by Axilrate.

3.6 Log and Audit Data

We maintain logs including:

  • API activity and request/response data
  • User actions within the Platform
  • Access timestamps and system events

4. Purpose of Processing

Axilrate processes personal data solely to provide the Platform and related services as instructed by Customers, and not for independent purposes except for security, compliance, and operational integrity.

This includes:

  • Providing and operating the Platform
  • Delivering communications via third-party messaging and communication services
  • Monitoring usage, detecting abuse, and ensuring system integrity
  • Providing analytics, reporting, and performance insights
  • Complying with legal and regulatory obligations
  • 4B. How Personal Data is Used

Axilrate processes personal data strictly to enable the functionality of the Platform on behalf of Customers. This includes:

  • (a) Communication Delivery

Personal data such as phone numbers and identifiers are used to deliver messages through third-party platforms (including WhatsApp, SMS, and email) as initiated by the Customer.

Communications may include:

  • Transactional messages (alerts, confirmations, updates)
  • Customer support or service communications
  • Marketing or promotional communications, where permitted and consented

Communications are sent solely based on the Customer’s instructions and relationship with the End User.

Customers are required to ensure that End Users:

  • Have explicitly opted in to receive such communications; and
  • Are informed of the purpose and nature of such communications

All communications must include a clear mechanism for End Users to opt out or unsubscribe.

Axilrate does not independently contact End Users and does not control the consent lifecycle.

  • (b) Message Processing and Routing

Personal data is processed to:

  • Format, queue, and route messages
  • Enable delivery through integrated providers
  • Manage retries, failures, and delivery confirmations
  • (c) Analytics and Performance Measurement

Personal data and interaction data may be used to:

  • Measure delivery rates, open rates, and engagement
  • Analyze campaign effectiveness
  • Provide Customers with reporting and insights

This may include tracking:

  • Message opens, clicks, and responses
  • Time of interaction
  • Device, network, and usage characteristics
  • (d) Personalization and Segmentation (Customer-Controlled)

The Platform enables Customers to segment End Users and personalize communications based on:

  • Behavioral data
  • Device or network attributes
  • Time and frequency of engagement

Axilrate provides the tools for such analysis but does not independently profile End Users.

  • (e) Platform Security and Abuse Prevention

Personal data may be used to:

  • Detect and prevent spam, fraud, or misuse
  • Monitor suspicious activity
  • Enforce platform usage policies
  • (f) System Optimization and Reliability

Technical and usage data may be used to:

  • Improve message delivery performance
  • Maintain system reliability and uptime
  • Diagnose and resolve technical issues
  • (g) Compliance and Legal Obligations

Personal data may be processed to:

  • Comply with applicable laws and regulations
  • Respond to lawful requests from authorities
  • Enforce contractual obligations
  • (h) No Independent Use by Axilrate

Axilrate does not use End User personal data for its own independent marketing, advertising, or profiling purposes.

Axilrate does not:

  • Sell personal data
  • Contact End Users directly
  • Use End User data outside Customer instructions

All communications and data usage are controlled by the Customer.

  • 4C. Data Minimization and Purpose Limitation

Axilrate processes only such personal data as is necessary to provide the Platform and associated services.

Personal data is not used for purposes incompatible with those described in this Policy and is not retained longer than required, except where required for legal, security, or audit purposes.

5. Lawful Use by Customers

Customers represent, warrant, and undertake that:

They have obtained valid, informed, and legally compliant consent from End Users prior to collecting or processing personal data;

They have provided appropriate notices regarding data collection, tracking, and analytics;

Their use of the Platform complies with applicable laws, including the Digital Personal Data Protection Act, 2023, telecom regulations, and third-party platform policies (including WhatsApp/Meta policies).

Customers further agree that:

They shall not use unlawfully obtained data (including scraped or purchased datasets);

They are solely responsible for determining the purposes and means of processing;

They shall handle End User rights requests, including access, correction, and deletion.

Axilrate shall not be responsible for the Customer’s compliance with applicable laws.

6. Advanced Analytics and Profiling

The Platform enables Customers to analyze and segment End Users based on behavioral and technical data, including engagement patterns, device characteristics, and interaction history.

Axilrate does not independently perform profiling for its own purposes.

Customers are responsible for ensuring lawful use of such capabilities.

7. Data Sharing and Subprocessors

We may share data with:

  • Infrastructure providers such as Oracle Cloud Infrastructure
  • Messaging platforms (e.g., WhatsApp via Meta)
  • Payment providers

All subprocessors are contractually required to protect personal data.

We do not sell personal data.

8. Cross-Border Transfers

Personal data may be processed outside India, subject to appropriate safeguards.

9. Data Retention

Personal data is retained only for as long as necessary to:

  • Provide services
  • Comply with legal obligations
  • Maintain security and audit records

Different categories of data may be retained for different durations depending on operational and legal requirements.

Customers may request deletion subject to applicable constraints.

10. Security Measures

We implement appropriate technical and organizational safeguards, including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Monitoring, logging, and alerting systems

While we strive to protect data, no system is completely secure.

  • 10A. Transparency to End Users

End Users receiving communications through the Platform should be aware that:

  • The communication is sent by or on behalf of a Customer
  • Axilrate acts solely as a service provider facilitating delivery
  • Requests relating to personal data should be directed to the relevant Customer

Axilrate may assist Customers in responding to such requests where required.

11. Data Subject Rights

Depending on applicable law, individuals may have rights to access, correct, delete, or withdraw consent.

Requests should be directed to the Customer acting as Data Controller.

12. Cookies and Tracking

We use cookies and similar technologies for authentication, performance, and analytics.

13. Data Breach Notification

We will notify Customers of data breaches in accordance with applicable law.

14. Children’s Data

The Platform is not intended for individuals under 18.

15. Updates

This Policy may be updated periodically.

16. Contact

For privacy-related queries:

Terms & ConditionsPrivacy PolicyAcceptable Use PolicyCookie PolicyData Deletion