Privacy Policy for chat.goodmayesonline.com
Last Updated: 22-10-2025
This Privacy Policy describes how Goodmayes Online ("We," "Us," or "Our") collects, uses, and discloses information when you use our services through our platform at chat.goodmayesonline.com (the "Platform"), which provides communication services utilizing the WhatsApp Cloud API.
We act as a technical service provider (a "Data Processor") for our clients (the businesses/merchants) who use our Platform to communicate with their end-users/customers (the "End-Users") via WhatsApp.
1. Introduction
This Privacy Policy explains how Goodmayes Online Pty Ltd (“Goodmayes Online,” “we,” “our,” or “us”) collects, uses, and discloses information processed through our platform chat.goodmayesonline.com (the “Platform”). The Platform provides communication services utilising the WhatsApp Cloud API and operates as a technical service provider for businesses that use our system to interact with their customers via WhatsApp. We act as a Data Processor on behalf of our business clients (“Clients”), who are the Data Controllers responsible for managing their End-Users’ data.
2. Important Notice: Data Controller vs. Data Processor
- Data Controller: The business or merchant (our Client) that you are communicating with via WhatsApp. They determine the purpose and means of processing your data.
- Data Processor: Goodmayes Online (chat.goodmayesonline.com) processes data strictly under the instructions of our Clients and solely for the provision of our services.
If you are an End-User and have questions about how your personal data is being handled, please contact the business you are chatting with directly.
3. Information We Collect and Process
As a Data Processor using the WhatsApp Cloud API, we process the following categories of information on behalf of our Clients:
| Data Category | Data Elements We Process | Purpose of Processing | Data Controller (Our Client) Responsibility |
|---|---|---|---|
| WhatsApp Message Data | The content of messages (text, images, media, documents) sent between our client and the End-User. | To transmit messages between the client and End-User, and to provide the core chat and customer service functionality of our Platform. | Our client (the Data Controller) is solely responsible for obtaining the necessary legal basis (e.g., consent) from the End-User to process this data. |
| End-User Identifiers | End-User's WhatsApp phone number (and associated WhatsApp ID) that initiates or receives messages. | To identify the correct recipient/sender and route messages correctly through the WhatsApp Cloud API. | Used for client billing, service provision, and analytics. |
| Metadata & Technical Data | Message status (sent, delivered, read, failed), time stamps, message type (e.g., template, text), API logs, and data related to the performance of our Platform. | To ensure reliable service delivery, monitor system performance, troubleshoot issues, and meet Meta's and our clients' reporting requirements. | Automatically collected as part of the service. |
| Client Account Data | Information provided by the business/merchant (Our Client) to set up and manage their account (e.g., business name, contact name, email address, billing information). | To manage the client account, billing, support, and technical setup. | This is the client's business information, not End-User data. |
4. How We Use and Store Information
We use and store End-User data only as instructed by our Clients and only for service delivery purposes, including:
- Service Provision: To deliver and maintain WhatsApp communication between Client and End-User.
- Service Monitoring & Improvement: To ensure uptime, troubleshoot technical issues, and enhance performance.
- Regulatory Compliance: To meet WhatsApp Business API policies, Meta’s requirements, and applicable laws.
Data Retention:
- Message Content: Retained only as long as necessary to deliver the message (usually seconds), then automatically purged.
- Meta Retention: WhatsApp Cloud API may store data up to 30 days to enable retransmission or error correction.
- Client Responsibility: Each Client maintains their own retention policy.
5. Disclosure of Information
We do not sell, rent, or share End-User data. We disclose data only as necessary to operate the Platform:
- To Our Clients: For message delivery and communication management.
- To Meta Platforms, Inc. (WhatsApp): To facilitate communication through the WhatsApp Cloud API.
- As Required by Law: Where disclosure is necessary to comply with legal or regulatory obligations.
6. Data Security
We maintain commercially reasonable technical and organisational safeguards to protect all data processed via our systems, including encryption, access controls, and monitored API activity.
Encryption Note: All WhatsApp communications are secured by the Signal Protocol for end-to-end encryption between the End-User’s WhatsApp client and the WhatsApp Cloud API.
7. End-User Rights (Data Subject Rights)
As a Data Processor, Goodmayes Online facilitates data rights requests through our Clients. End-Users should contact the business they are communicating with to exercise rights such as access, correction, erasure, or objection.
You must contact the specific business/merchant (our client) you were communicating with. We will cooperate with our clients to fulfill these requests as required by applicable laws.
8. International Data Transfers
Our systems may use cloud infrastructure located outside Australia. In such cases, we ensure that transfers comply with Australian Privacy Principle 8 and GDPR Chapter V, using appropriate safeguards.
9. Updates to this Policy
We may update this Privacy Policy periodically. Updates will be posted on this page with a revised “Last Updated” date.
10. Contact Us
Goodmayes Online Pty Ltd
Website: https://chat.goodmayesonline.com
Email: g.it@goodmayesonline.com
Address: Goodmayes Online Pty Ltd, Suite G.03, Ground Floor, 247 Coward Street, Mascot 2020, Australia