Eyvent AI
Eyvent AI — Legal

Privacy Policy

Renaissance Research Technologies Private Limited · eyvent.io

Effective date: April 20, 2026
Last updated: April 20, 2026

This Privacy Policy (“Policy”) explains how Eyvent and Eyvent AI (collectively, “Eyvent”, “we”, “us”) collect, use, disclose, store, and otherwise process personal data in connection with our websites, applications, APIs, and related services (the “Services”) offered by Renaissance Research Technologies Private Limited, a company incorporated in India (“RRTPL”, “Company”). Our public website is https://eyvent.io. Eyvent was formerly known as Ripplbot.

This Policy is designed to meet common expectations for transparency, including for customers evaluating Eyvent as a WhatsApp / Meta technology provider or business messaging solution. It is not legal advice; please consult qualified counsel for your specific situation.

1. Data controller and contact details

For personal data that RRTPL determines the purposes and means of processing (as described in this Policy), the controller is:

Renaissance Research Technologies Private Limited
Registered address: UNIT 801 TO 810, 8th Floor, Tower 1, Vasavi Shaloom Skycity, Gachibowli, Serilingampally (Seri Lingampally), K.V. Rangareddy District, Telangana 500032, India
Website: https://eyvent.io

Privacy inquiries: please use the contact methods published on https://eyvent.io (for example, our contact form or designated privacy inbox if listed). If you are a customer’s end user, you should usually contact the business that messaged you first; we explain this further below.

Grievance / privacy requests (India): where the Digital Personal Data Protection Act, 2023 (“DPDPA”) applies, you may contact us using the same channels above. We will acknowledge and respond in line with applicable timelines.

2. Scope and who this Policy covers

This Policy applies to:

  • Visitors and users of eyvent.io and related Eyvent web properties;
  • Authorized users of customer accounts (for example vendor administrators and team members) who access the Eyvent console; and
  • Individuals whose personal data is contained in Customer Content submitted by our customers into the Services (for example contact records, phone numbers, chat content, and similar CRM or messaging data).

Important: When our customers use Eyvent to message people on WhatsApp or other channels, the customer is typically the primary decision-maker (“controller” / “business”) for that personal data. We process such data as a processor / service provider on the customer’s instructions, subject to our agreements and this Policy. Individuals should contact the relevant customer (the business that collected their data) for many requests (for example marketing opt-outs for that business’s messages).

3. Definitions

  • Personal data / personal information: information relating to an identified or identifiable individual, as defined by applicable law.
  • Customer: the organization with a contractual relationship with us (for example a business subscriber).
  • Customer Content: data that Customers or their users submit, generate, or transmit through the Services (including contacts, messages, templates, labels, notes, and campaign data).
  • Processor / service provider processing: processing we perform on behalf of a Customer, under their instructions, to provide the Services.

4. Personal data we collect

We collect the following categories of information (specific items depend on how you use the Services):

4.1 Account, identity, and profile data

  • Full name, email address, phone number, username, password (hashed), organization name, job title or role, time zone, language preferences, and similar profile fields.
  • Authentication and security data (for example session tokens, device identifiers where used for security, and audit logs of access).

4.2 Billing and transaction data

  • Billing contact details, subscription plan, invoices or payment references, and limited payment metadata.
  • Payment card or bank details are typically collected directly by payment processors; we do not intend to store full card numbers on our systems.

4.3 Service usage, technical, and diagnostic data

  • IP address, device type, browser type and version, operating system, approximate location derived from IP, timestamps, pages viewed, referring URLs, and similar telemetry.
  • Logs relating to reliability, debugging, abuse prevention, and security monitoring.
  • Configuration and feature usage necessary to operate the Services.

4.4 Customer Content (including messaging data)

  • WhatsApp Business Platform identifiers, phone numbers, message content (including media references or attachments as configured), delivery or read receipts where available, templates, flows/bots configuration, labels, internal notes, and CRM attributes.
  • Information imported by Customers (for example spreadsheets of contacts) or received from integrated systems.

4.5 Communications with us

  • Information you provide when you contact support, submit forms, or communicate with us by email or chat.

4.6 Cookies and similar technologies

We and our partners may use cookies, local storage, pixels, and similar technologies for:

  • Strictly necessary operation and security of the Services (for example session management, load balancing, fraud prevention);
  • Functional preferences (for example language); and
  • Analytics where enabled, to understand usage and improve the product.

Where required by law, we will obtain consent before non-essential cookies/analytics. You can control many cookies through your browser settings; disabling certain cookies may impact functionality.

5. How we use personal data (purposes)

We use personal data to:

  • Provide and operate the Services, including onboarding, authentication, messaging features, campaigns, templates, reporting, and customer support;
  • Connect integrations you enable (including Meta/WhatsApp APIs) and maintain webhooks, tokens, and credentials as permitted by those platforms;
  • Bill and administer accounts, detect fraud, and enforce payment obligations;
  • Secure the Services, monitor for abuse, investigate incidents, and prevent unauthorized access;
  • Improve reliability and performance, conduct troubleshooting, and develop features (using aggregated or de-identified information where feasible);
  • Comply with law and respond to lawful requests from public authorities;
  • Communicate service-related notices, policy updates (where appropriate), and, where permitted, product information; and
  • Enforce our Terms and policies, including resolving disputes.

We do not sell personal data as a “sale” is commonly understood under modern privacy laws, and we do not use personal data for targeted advertising across unrelated third-party sites as part of our core product (unless we separately disclose and obtain consent where required).

6. Legal bases (EEA/UK/Switzerland and similar jurisdictions)

Where GDPR or UK GDPR applies, we rely on one or more of the following legal bases:

  • Contract (Article 6(1)(b)): processing necessary to perform our agreement with you or your organization;
  • Legitimate interests (Article 6(1)(f)): for example securing the Services, preventing fraud, improving reliability, and limited analytics, balanced against your rights;
  • Legal obligation (Article 6(1)(c)): where we must comply with law; and
  • Consent (Article 6(1)(a)): where we expressly ask for consent (for example certain cookies or marketing emails, where required).

7. India (DPDPA) — lawful processing and consent

Where the DPDPA applies, we process personal data in accordance with its requirements, including lawful bases such as consent (where required), legitimate uses permitted by law, and compliance obligations. Where consent is the basis, you may withdraw consent at any time, subject to contractual and legal limitations. Withdrawal does not affect the lawfulness of processing before withdrawal.

8. WhatsApp, Meta, and other third-party platforms

Eyvent is built to interoperate with the WhatsApp Business Platform and related Meta products. When you connect a WhatsApp Business account:

  • Meta’s terms, policies, and developer requirements apply to your use of those products (including messaging rules, template approvals, and commerce policies);
  • Meta may process personal data in accordance with Meta’s privacy policy and product terms; and
  • We process data received through Meta APIs only as needed to provide features you enable, and in line with our role (processor/service provider for Customer Content, as applicable).

Useful references (provided for convenience; we do not control third-party pages):

9. Disclosures, subprocessors, and recipients

We may disclose personal data to:

  • Infrastructure and hosting providers;
  • Email, support, and ticketing tools;
  • Payment processors;
  • Security, logging, and monitoring vendors;
  • Analytics providers (where used);
  • Professional advisers (lawyers, auditors) where bound by confidentiality; and
  • Authorities where required by law or to protect rights, safety, and security.

We use written agreements with service providers that process personal data on our behalf, requiring appropriate confidentiality and security measures. A list of key subprocessor categories is available on request for enterprise customers, and we will provide notice of material changes as described in our customer agreements.

10. International transfers

We may process and store personal data in India and other countries where we or our providers operate. Where personal data is transferred across borders, we implement appropriate safeguards required by applicable law (for example standard contractual clauses, adequacy decisions, or other permitted mechanisms).

11. Retention

We retain personal data for as long as necessary to fulfill the purposes described in this Policy, including providing the Services, complying with legal obligations (for example tax and accounting records), resolving disputes, and enforcing agreements. Retention periods vary by data category, for example:

  • Account data: for the life of the account and a reasonable period thereafter (for example to resolve billing disputes) unless a longer period is required by law;
  • Customer Content: as determined by the Customer’s use of the product, account settings, exports, and deletion tools, subject to backups and legal holds;
  • Security logs: typically retained for a limited period consistent with security needs and storage economics;
  • Backups: may retain residual copies until overwritten according to backup rotation policies.

12. Security

We implement technical and organizational measures designed to protect personal data, including access controls, encryption in transit where appropriate for the architecture, monitoring, vulnerability management practices, and personnel training. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

13. Your privacy rights

Depending on your jurisdiction, you may have rights to:

  • request access to personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion or erasure, subject to exceptions;
  • object to or restrict certain processing;
  • request data portability where applicable;
  • withdraw consent where processing is consent-based; and
  • lodge a complaint with a supervisory authority or the Data Protection Board of India (as applicable).

How to exercise rights: If you are a Customer user, use in-product tools and contact your organization’s administrator where available. For requests to RRTPL, use the contact methods on eyvent.io. For deletion instructions, see our Data deletion guidelines.

End users of our Customers: please contact the business that collected your data first. If you contact us, we may need to forward your request to the relevant Customer or verify details before acting, consistent with our role and applicable law.

14. United States (state privacy laws)

If you are a resident of a U.S. state with a comprehensive privacy law, you may have additional rights (for example opt-out of certain processing, appeal decisions). We do not “sell” personal information or use sensitive personal information for inferring characteristics in ways that require opt-out under typical state frameworks, except as disclosed. Contact us as described on eyvent.io to exercise rights.

15. Automated decision-making and profiling

We do not use personal data to make solely automated decisions that produce legal or similarly significant effects about individuals, unless we specifically disclose otherwise and comply with applicable law.

16. Children’s privacy

The Services are not directed to children under 16 (or the age required by local law). We do not knowingly collect personal data from children. If you believe we have collected a child’s data, contact us and we will take appropriate steps to delete it.

17. Changes to this Policy

We may update this Policy from time to time. We will post the updated version on this page and update the “Last updated” date. Where changes are material and consent or notice is required by law, we will provide additional notice or obtain consent as appropriate.

18. Related documents

Back to home · eyvent.io