We believe that responsible use of data supports business growth and builds strong relationships between partners, customers, and brands. As a business, we are committed to respecting and protecting the privacy of all individuals with whom we interact.
This Privacy Policy explains how Notiverse, an enterprise SMS gateway platform, collects, uses, shares, and protects personal information. Please read this document carefully to understand our data practices.
1. Definitions
The following terms have specific meanings throughout this Privacy Policy:
"Notiverse", "us", "we", or "our"
Refers to Notiverse LLC, with its registered office at [Your Company Address], Tanzania, registration number [Your Registration Number], as well as to its subsidiaries and affiliates.
"Personal Data"
Any information about you by which you can be identified, directly or indirectly.
"Controller"
The natural or legal person which determines the purposes and means of data processing and is responsible for processing such data in compliance with applicable data protection law.
"Processor"
A natural or legal person who processes personal data on behalf of the controller.
"Services"
Notiverse's cloud-based SMS gateway platform, including bulk SMS, two-way messaging, OTP verification, and related communication services.
"Applicable Data Protection Law"
All laws and regulations applicable to the processing of personal data, including where applicable, the GDPR (General Data Protection Regulation (EU) 2016/679) and any laws implementing the foregoing, as amended or superseded from time to time.
2. About Notiverse Services
Notiverse is an enterprise SMS gateway platform (Communications Platform as a Service - CPaaS). When providing Services to our customers and processing personal data, we act either as the controller or the processor, depending on the situation.
Our customers are mainly businesses that integrate our Services into their operations through API or our web dashboard. By using our platform, customers can send SMS messages, OTPs, notifications, and marketing campaigns to their end users.
When We Act as a Processor
We process personal data (such as phone numbers) on behalf of our customers, solely to deliver their messages. The customer is the controller, and we follow their instructions. Any requests from end users should be directed to our customer.
When We Act as a Controller
We process personal data for our own purposes (such as account management, billing, marketing). We are committed to processing that data as described in this Privacy Policy.
3. Controller's Contact Details
Notiverse
LLC
[Your Company Address]
Dar es Salaam,
Tanzania
Registration Number: [Your Registration Number]
Data Protection
Officer:
Email: notiverse.sms@gmail.com
General inquiries: notiverse.sms@gmail.com
4. How We Obtain Your Personal Data
We obtain personal data directly from you when you:
- Create an account and use our Services
- Visit our website and fill out contact or registration forms
- Subscribe to our newsletter or blog
- Attend our events or webinars
- Apply for a job with us
- Contact our support or sales teams
We also receive personal data indirectly when:
- Our customers provide us with end user phone numbers to deliver SMS messages
- Business partners share contact details of their representatives
- We collect publicly available information from LinkedIn or similar platforms
- Your browser automatically provides technical information (IP address, cookies)
5. What We Collect, Why, and On Which Legal Basis
5.1 Account Creation and Service Delivery
WHAT WE COLLECT
When you sign up: name, email, phone number, company name, country, billing information, and login credentials.
WHY & LEGAL BASIS
Necessary to create your account, provide Services, process payments, and communicate with you. Legal basis: contract performance.
RETENTION
7 years after account closure. Invoices kept for 10 years (tax compliance).
5.2 Message Delivery and Network Security
WHAT WE COLLECT
Traffic data: sender ID, recipient phone numbers, message content (as provided by customers), timestamps, routing info, delivery status, API usage logs.
WHY & LEGAL BASIS
Processing traffic data is necessary to perform our contract with you. We also process based on legitimate interest to prevent fraud, troubleshoot, settle payments with telecom operators, and maintain platform security.
RETENTION
12 months after transmission (longer if required by law).
5.3 Platform Improvement
WHAT WE COLLECT
Activity data: pages visited, features used, time spent, campaign performance metrics, usage patterns.
WHY & LEGAL BASIS
We analyze this data based on our legitimate interest to improve Services, provide better support, and develop new features. We may create de-identified analytics.
RETENTION
24 months typically.
5.4 Marketing Communications
WHAT WE COLLECT
If you subscribe: name and email address.
WHY & LEGAL BASIS
Based on your consent. You can unsubscribe anytime via the link in our emails.
RETENTION
Until you unsubscribe or request deletion.
5.5 Website Visitors
WHAT WE COLLECT
Automatically: IP address, browser type, device info, pages visited, referral source (via cookies).
WHY & LEGAL BASIS
Based on our legitimate interest to maintain and improve our website, analyze traffic, provide relevant content.
RETENTION
24 months typically.
5.6 Job Applications
WHAT WE COLLECT
CV/resume, contact info, education, work experience, and any info you provide.
WHY & LEGAL BASIS
To take steps to enter into employment contract and based on our legitimate interest in evaluating candidates.
RETENTION
If not hired: 12 months (unless you request earlier deletion).
7. How We Transfer Your Data
Notiverse primarily operates in Tanzania. However, some service providers may be located outside Tanzania. When we transfer data internationally, we ensure appropriate safeguards:
- Standard Contractual Clauses approved by relevant authorities
- Data Processing Agreements with security requirements
- Transfers only to countries with adequate data protection levels
8. How We Secure Your Data
We implement industry-standard technical and organizational measures to protect your data:
Encryption
Data in transit: TLS. Data at rest: AES-256.
Access Controls
Role-based access, MFA, audit logs for all admin actions.
Monitoring
24/7 security monitoring, intrusion detection, regular assessments.
Policies
Staff training, confidentiality agreements, incident response procedures.
9. Your Rights
Subject to applicable law, you have the following rights:
Access
Request a copy of the personal data we hold about you
Rectification
Request correction of inaccurate or incomplete data
Erasure
Request deletion of your personal data (subject to legal obligations)
Restriction
Request limitation of processing in certain circumstances
Portability
Receive your data in a structured, machine-readable format
Object
Object to processing based on legitimate interests or for marketing
Withdraw Consent
Withdraw consent at any time (where consent is the legal basis)
Lodge Complaint
File a complaint with your local data protection authority
10. Right to Object
You have the right to object to processing of your personal data where we rely on legitimate interest as the legal basis. To object, contact us at notiverse.sms@gmail.com with details of your objection.
You can opt out of marketing communications anytime by clicking the "unsubscribe" link in our emails or contacting us directly.
11. How to Exercise Your Rights
To exercise any of your rights, contact us at:
Email: notiverse.sms@gmail.com
Subject line: Data Subject Request - [Your Right, e.g., "Access Request"]
We will respond within 30 days. We may request additional information to verify your identity before processing your request.
12. Automated Decision-Making
No. Notiverse does not make automated decisions that produce legal effects or similarly significantly affect you. Fraud detection and spam filtering are automated but do not result in legal consequences.
13. Data Retention
We retain personal data only as long as necessary to fulfill the purposes for which it was collected or as required by law:
- Account data: 7 years after account closure
- Financial records: 10 years (tax/audit compliance)
- Traffic data: 12 months after transmission
- Marketing data: Until you unsubscribe
- Support tickets: 7 years after closure
- Job applications: 12 months (if unsuccessful)
When personal data is no longer needed, we securely delete or anonymize it.
14. Children's Information
Notiverse Services are intended for businesses and are not directed at children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at notiverse.sms@gmail.com.
15. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or legal requirements. When we make material changes, we will notify you by:
- Posting the updated policy on our website with a new "Last Updated" date
- Sending you an email notification (if you have an account)
- Displaying a prominent notice on our platform
We encourage you to review this Privacy Policy periodically. Your continued use of our Services after changes are posted constitutes acceptance of the updated policy.
Questions About Your Privacy?
We're here to help. Contact our Data Protection Officer for any privacy-related inquiries.
Contact Data Protection Officer