Privacy Policy
Effective: June 28, 2026 · Last updated: June 29, 2026
This Privacy Policy describes how Vader Devs LLC ("Vader Devs", "we", "us", or "our") collects, uses, discloses, and safeguards personal data in connection with our website vaderdevs.com (the "Site") and Vader CRM (the "Service"), including data processed through the WhatsApp Business Platform. By using the Site or the Service, you acknowledge that you have read and understood this Policy.
1. Scope and our roles
This Policy covers two distinct contexts, in which our legal role differs:
- The Site. For visitors to our website and people who contact us, Vader Devs is the data controller — we decide what we collect and why.
- The Service. Vader CRM is used by our business clients to communicate with their own customers. For the personal data of those customers, our business client is the data controller and Vader Devs acts as a data processor, processing that data only on the client's documented instructions and to provide the Service.
2. Who we are
Vader Devs LLC is responsible for the personal data described in this Policy in the roles set out above. For any privacy matter, contact us at [email protected].
3. Information we collect
From Site visitors:
- Information you provide — when you submit our contact form or email us: your name, email, the service you are interested in, and your message.
- Information collected automatically — technical data such as IP address (truncated where possible), browser and device type, and pages viewed, used in aggregate to keep the Site secure and improve it.
Through the Service (on behalf of our business clients):
- Contact details our clients add to their CRM, such as customer names and phone numbers.
- Data made available through the WhatsApp Business Platform — see the next section.
4. WhatsApp Business Platform data
Vader CRM integrates with the WhatsApp Business Platform (Cloud API) so our business clients can message their customers. When a client uses the Service, we process the following data on their behalf:
- Customer phone numbers and WhatsApp profile names.
- Message content — text, images, audio, video, documents, and location shared in the conversation.
- Message metadata — timestamps, delivery and read status, and message identifiers.
How we handle this data:
- We process it solely to provide the Service to the relevant business client and on their instructions. We do not use it for our own purposes, do not sell it, and do not use it to build profiles for advertising.
- Messages are transmitted through Meta's WhatsApp Business Platform. Meta processes that data under its own terms (the WhatsApp Business Terms and Meta's data policies) and acts as a separate processor/sub-processor in that flow.
- Our business clients are responsible for obtaining the opt-in and consent required to message their customers, and for complying with the WhatsApp Business Messaging Policy.
- We handle this data in accordance with Meta's Platform Terms and applicable data protection law.
5. How and why we use data
- To respond to enquiries and provide our services — performance of a contract or steps taken at your request.
- To operate, secure, and improve the Site and Service — our legitimate interest in running a safe, effective product.
- To process customer communications within the Service — on behalf of, and on the instructions of, our business clients.
- To comply with legal obligations — compliance with applicable law.
6. Sharing and sub-processors
We do not sell or rent personal data. We share it only with:
- Sub-processors that help us run the Site and Service — for example, Meta Platforms (WhatsApp Business Platform), our form-handling provider (Formspree), and our hosting and email providers — under contracts that require them to protect the data.
- Our business clients, who control the customer data within their own CRM accounts.
- Authorities or third parties where required by law or to protect rights, safety, and security.
- A successor entity in a merger, acquisition, or sale of assets, subject to this Policy.
7. Cookies and analytics
The Site uses strictly necessary cookies and, where applicable, privacy-respecting analytics (for example, IP anonymization and no cross-site tracking). You can control cookies through your browser settings.
8. International data transfers
Our providers may process data in countries other than your own. Where personal data is transferred internationally, we rely on appropriate safeguards (such as Standard Contractual Clauses or an adequacy decision) to protect it in line with applicable law.
9. Data retention
Site enquiry data is kept only as long as needed to respond and to maintain our records, then deleted or anonymized. Service data, including WhatsApp message data, is retained for the period configured by the relevant business client and is deleted on their instruction or upon termination of their account, unless we must retain it to comply with law.
10. How we protect data
We apply reasonable technical and organizational measures — including encryption in transit (HTTPS), access controls, and least-privilege practices — to protect personal data against unauthorized access, loss, or misuse. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
11. Your rights
Depending on where you live, you may have the right to access, correct, delete, or port your personal data, and to object to or restrict certain processing. Residents of the EEA/UK have these rights under the GDPR; residents of California have rights under the CCPA/CPRA.
For data we hold as controller (the Site), email us at [email protected]. For customer data held within the Service, the relevant business is the controller — please direct your request to the business you interacted with, and we will assist that business in fulfilling it. You also have the right to lodge a complaint with your local data protection authority.
12. Children's privacy
Neither the Site nor the Service is directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.
13. Third-party links
The Site may link to third-party websites or services. We are not responsible for their privacy practices and encourage you to review their policies.
14. Changes to this Policy
We may update this Policy from time to time. We will post the updated version here and revise the "last updated" date. Continued use after an update means you accept the revised Policy.
15. Contact us
For questions, requests, or complaints about this Policy or your personal data, contact us at [email protected].