Back to Help Center
⚖️
Legal 7 min read

Compliance & GDPR Guide

How ViViDlyPro helps your business stay compliant with Indian and international data protection laws.

Compliance & Data Protection

Indian Legal Compliance

Information Technology Act 2000 — ViViDlyPro operates as a Body Corporate under the IT Act, collecting customer data only with implied consent (by customer-initiated contact) and using it solely to deliver the service.

IT (Reasonable Security Practices and Procedures) Rules 2011 — We maintain documented security policies, conduct annual security audits, and have incident response procedures for data breaches.

Digital Personal Data Protection Act 2023 (DPDP Act) — As Data Fiduciaries, ViViDlyPro:

  • Collects only data necessary for service delivery
  • Allows data principals (customers) to request erasure
  • Reports notifiable breaches to the Data Protection Board within 72 hours
  • Does not transfer personal data outside India without compliant safeguards

GDPR Compliance (for European Customers)

If your customers are in the European Union:

  • You act as the Data Controller (you decide what to collect via your bot)
  • ViViDlyPro acts as the Data Processor (we process it on your behalf)
  • We offer a Data Processing Agreement (DPA) — available on request for Enterprise plans
  • Data Subject Rights requests (access, deletion, portability) can be fulfilled via your portal under Settings → Account → Export/Delete Data

Meta Platform Compliance

Using ViViDlyPro for WhatsApp and Instagram requires compliance with Meta's:

  • WhatsApp Business Policy — no spam, only reply to customer-initiated messages
  • Meta Platform Terms — data use restrictions, no selling customer data
  • Instagram Platform Policy — no automated cold DMs; only respond to direct messages

ViViDlyPro is designed to comply with all these policies by default. Using the platform to send unsolicited messages violates these policies and may result in your WhatsApp number being banned by Meta.

Data Processing Agreement

Enterprise customers can request a signed Data Processing Agreement (DPA) for their internal compliance requirements. Email vividlyapp.in@gmail.com with subject "DPA Request".

Audit Logs

Enterprise plans include audit logs showing all admin actions (who changed what, when). Available under Settings → Security → Audit Log.