Privacy Policy
1. Who we are
This Privacy Policy applies to Multiconex, a SaaS multi-agent customer service platform for WhatsApp Business, operated by Juan Pablo Cordeiro Baraúna, CNPJ 32.289.461/0001-12, Coronel Antônio Pessoa, 48-A, Loja 01 — Centro, Campina Grande/PB — CEP 58400-262.
We are committed to protecting our users' personal data in compliance with the Brazilian General Data Protection Law (LGPD — Law 13.709/2018) and Meta Platforms policies.
2. Data we collect
We collect the following data to provide the service:
- Registration data: name, email, and password (stored with secure hashing) of platform users;
- Conversation data: messages, media, and conversation metadata transmitted via WhatsApp Business Cloud API, required for display in the service dashboard;
- Contact data: name, phone number, and additional information of contacts registered by the client company;
- Integration credentials: WABA ID and Phone Number ID obtained via Embedded Signup (Meta's official authentication flow), required to authenticate requests to the WhatsApp Business Cloud API on behalf of the client company;
- Usage data: access logs, IP address, and device information for security and technical support purposes.
3. How we use data
Collected data is used exclusively to:
We do not use data for advertising, third-party marketing, or any purpose other than providing the service.
- Provide the contracted multi-agent customer service (display, send, and receive messages via WhatsApp);
- Authenticate users and maintain account security;
- Provide technical support and resolve issues;
- Generate reports and service history for the client;
- Comply with applicable legal obligations.
4. Sharing with Meta Platforms
For the platform to function, message data is transmitted through the WhatsApp Business Cloud API, infrastructure operated by Meta Platforms, Inc. This transmission is essential for service delivery and is subject to the WhatsApp Privacy Policy and the Meta Data Policy.
We do not share data with any third party other than Meta, except when required by law or court order.
4-A. Data collected via Embedded Signup (Meta)
The client company's WhatsApp Business number is connected exclusively via Embedded Signup — Meta Platforms' official authentication flow. During this process, Multiconex receives, through Meta's API, the WABA ID and Phone Number ID associated with the client's account.
This data is stored securely and used exclusively to authenticate requests to the WhatsApp Business Cloud API on behalf of the client company. Multiconex does not access or store the client's Meta/Facebook account password.
5. Data isolation per client
Each client company accesses exclusively its own data. One company's conversations, contacts, and settings are completely isolated from another company's on the platform. No client data is visible to another.
6. Data retention
Data is retained while the client's account is active. After account closure, data is retained for up to 90 (ninety) days for backup purposes and then securely deleted, unless a longer retention period is required by law.
7. Security
We adopt appropriate technical and organizational measures to protect data against unauthorized access, loss, alteration, or disclosure, including:
- Password storage with hashing (bcrypt);
- Communication via HTTPS/TLS;
- Authentication tokens with expiration;
- Role-based access control (admin, agent).
8. Data subject rights (LGPD)
Under the LGPD, you have the right to:
To exercise these rights, contact us using the phone number or email listed below.
- Confirm the existence of processing of your data;
- Access the data we store about you;
- Correct incomplete, inaccurate, or outdated data;
- Request deletion of your personal data;
- Revoke consent for data processing;
- Request data portability to another provider.
9. Cookies
Multiconex uses session cookies strictly necessary to maintain user authentication. We do not use tracking, advertising, or third-party analytics cookies.
10. Changes to this policy
This Privacy Policy may be updated periodically. Relevant changes will be communicated to clients by email. Continued use after notification implies acceptance of the updated policy.
Contact — Data Protection Officer (DPO)
For questions, requests, or to exercise your rights, please contact us:
- Owner: Juan Pablo Cordeiro Baraúna
- CNPJ: 32.289.461/0001-12
- Email: contato@hivenimbus.com.br
