This article summarises how Rackwave collects, uses, stores, and protects your personal data. The full Privacy Policy is available in the portal under Legal Documents. This summary is provided for clarity and convenience — the full policy is the authoritative document.
What Data Rackwave Collects
| Data Category | Examples | Why It Is Collected |
|---|---|---|
| Account data | Name, email address, phone number, company name, billing address, GSTIN | Account creation, billing, invoicing, support |
| Payment data | Invoice records, payment status; card details are tokenised by the payment gateway — Rackwave does not store raw card numbers | Processing payments, generating invoices, tax compliance |
| Usage data | Messages sent, delivery logs, API call logs, webhook events, platform dashboard activity | Service delivery, reporting, abuse detection, quota management |
| Technical data | IP addresses, browser type, device information, login timestamps, session data | Security, fraud prevention, session management, troubleshooting |
| Communication data | Support ticket content, email correspondence with the Rackwave team | Providing support, maintaining support records |
| Recipient data | Email addresses and phone numbers of your message recipients — stored in your delivery logs | Delivery tracking, suppression list management, compliance |
How Rackwave Uses Your Data
- Service delivery — routing your emails, SMS, voice calls, and WhatsApp messages to their recipients.
- Billing and invoicing — generating invoices, processing payments, maintaining financial records.
- Customer support — responding to support tickets and troubleshooting issues.
- Platform improvement — analysing aggregated usage patterns to improve service reliability and features.
- Security and fraud prevention — detecting abusive usage, account compromise attempts, and spam patterns.
- Legal compliance — retaining records as required by Indian tax law (GST), data protection regulations, and other applicable laws.
- Transactional communications — sending invoices, subscription alerts, maintenance notices, and security notifications to your registered email.
Data Rackwave Does NOT Do
- Rackwave does not sell your personal data or your recipients' data to third parties.
- Rackwave does not use your message content for advertising or marketing profiling.
- Rackwave does not share your data with advertisers or data brokers.
- Rackwave does not read your email or SMS content for purposes other than spam detection and delivery troubleshooting.
Data Retention
| Data Type | Retention Period |
|---|---|
| Account profile data | Duration of account + 30-day grace period after deletion |
| Invoice and payment records | 7 years (statutory requirement under Indian tax law) |
| Delivery logs (MigoSMTP, Telnxo) | 90 days in active log; archived for up to 1 year |
| Support ticket records | 3 years after ticket closure for audit purposes |
| Security and access logs | 90 days |
| Webhook delivery logs | 30 days |
Your Data Rights
Depending on your jurisdiction, you may have the following rights over your personal data:
| Right | What It Means | How to Exercise |
|---|---|---|
| Right of access | Request a copy of all personal data Rackwave holds about you | Open a support ticket: Data Access Request |
| Right to rectification | Correct inaccurate personal data | Update directly in Profile Settings; or contact support |
| Right to erasure | Request deletion of your personal data (subject to legal retention obligations) | Open a support ticket: Data Erasure Request |
| Right to data portability | Receive your data in a machine-readable format | Open a support ticket: Data Portability Request |
| Right to object | Object to specific uses of your data (e.g. marketing emails) | Unsubscribe from marketing emails; contact support for other objections |
Data Security
- All data in transit is encrypted using TLS 1.2 or higher.
- Data at rest is encrypted using AES-256.
- Access to production systems is restricted to authorised Rackwave personnel only.
- Payment card data is handled exclusively by PCI-DSS compliant payment processors — Rackwave never stores raw card numbers.
- Security incidents are investigated promptly; affected users are notified within 72 hours of confirmed personal data breaches where required by law.
Contact for Privacy Matters
For privacy-related requests, questions, or complaints:
- Open a support ticket in the Rackwave portal with the subject: Privacy Request — [type]
- Or email the Rackwave Data Protection team at the address listed in the full Privacy Policy.