Privacy Policy

Last Updated: December 11, 2025

1. Introduction

Laravel ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SMS gateway service ("Service").

By using our Service, you consent to our Privacy Policy and agree to its terms. Please read this policy carefully to understand our practices regarding your data.

2. Information We Collect

2.1 Information You Provide

When you register for an account, we collect:

  • Name and contact information (email address, phone number)
  • Company details (company name, address, DLT Entity ID if applicable)
  • Billing information (payment method, billing address)
  • Account credentials (username, password - hashed)
  • Communication preferences

2.2 Information Automatically Collected

When you use our Service, we automatically collect:

  • Technical data (IP address, browser type, device information, operating system)
  • Usage data (pages visited, features used, time spent)
  • Log data (access logs, error logs, transaction history)
  • Cookies and tracking technologies

2.3 SMS Data

We collect and process:

  • Recipient phone numbers (for message delivery)
  • Message content (which we process but do not store long-term)
  • Delivery status and reports
  • Analytics on message performance

3. How We Use Your Information

We use the collected information for:

  • Service Provision: To provide, maintain, and improve our SMS gateway service
  • Account Management: To create and manage your account, process transactions
  • Communication: To send service-related notifications, updates, and support communications
  • Legal Compliance: To comply with legal obligations, regulations, and law enforcement requests
  • Fraud Prevention: To detect, prevent, and address fraud and security issues
  • Analytics: To analyze usage patterns, improve service performance, and develop new features
  • Marketing: To send promotional materials (with your consent where required)
  • Support: To provide customer support and respond to inquiries

4. Legal Basis for Processing (GDPR)

For EU users, we process your personal data based on:

  • Contract: Processing necessary to fulfill our service contract with you
  • Consent: Where you have provided explicit consent for specific processing activities
  • Legal Obligation: To comply with applicable laws and regulations
  • Legitimate Interest: For fraud prevention, service improvement, and business operations

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

  • SMS delivery through carrier networks
  • Payment processing
  • Cloud hosting and infrastructure
  • Analytics and performance monitoring
  • Customer support services

These providers are contractually obligated to protect your data and use it only for specified purposes.

5.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation.

5.4 Your Consent

We may share your information with your explicit consent or as described in this policy.

6. Data Security

6.1 Security Measures

We implement industry-standard security measures to protect your data:

  • SSL/TLS encryption for data transmission
  • Encrypted data storage
  • Access controls and authentication
  • Regular security audits and updates
  • Firewall and intrusion detection systems

6.2 Data Breach

In the event of a data breach, we will:

  • Notify affected users within 72 hours (as required by GDPR)
  • Notify relevant authorities where required by law
  • Take immediate remedial action to secure data
  • Provide guidance on protective measures

7. Data Retention

We retain your data for:

  • Active Accounts: While your account is active and for 2 years after closure
  • Transaction Records: 7 years (as required by financial regulations)
  • Log Data: 90 days for security and troubleshooting
  • Marketing Data: Until consent withdrawal or 3 years of inactivity

After the retention period, data is securely deleted or anonymized.

8. Your Rights (GDPR)

If you are an EU resident, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restrict Processing: Request limitation of data processing
  • Data Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for marketing communications
  • Lodge Complaint: File a complaint with your local data protection authority

9. Cookies and Tracking Technologies

9.1 Types of Cookies

  • Essential Cookies: Required for service functionality
  • Analytics Cookies: Help us understand how you use our Service
  • Marketing Cookies: Used to deliver relevant advertisements

9.2 Cookie Management

You can manage cookie preferences through your browser settings. However, disabling certain cookies may affect service functionality.

10. International Data Transfers

Your data may be transferred and processed in countries outside your jurisdiction. We ensure adequate protection through:

  • Standard contractual clauses (SCCs) for EU data
  • Adequacy decisions where applicable
  • Other appropriate safeguards as required by law

11. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information immediately.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of sale of personal information
  • Right to non-discrimination for exercising your privacy rights

We do not sell your personal information.

13. SMS-Specific Privacy

13.1 Recipient Data

When you send SMS messages through our Service:

  • We access recipient phone numbers for delivery purposes
  • Message content is processed but not stored long-term
  • Delivery reports are retained for service quality
  • All message data is encrypted in transit and at rest

13.2 Compliance Requirements

  • You are responsible for obtaining consent from message recipients
  • You must comply with applicable SMS regulations (TCPA, DLT, GDPR)
  • We may audit message content for compliance

14. Do Not Track Signals

Our Service does not currently respond to Do Not Track (DNT) browser signals. We do not track users across third-party websites.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will:

  • Notify you of material changes via email and in-app notification
  • Post the updated policy on this page with the "Last Updated" date
  • Provide at least 30 days notice for material changes

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

16. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: privacy@whitelabled.securesmsc.com
  • Support: Available through your account dashboard
  • Data Protection Officer: dpo@whitelabled.securesmsc.com

Your privacy is important to us. This policy explains our commitment to protecting your personal information and ensuring transparency in our data practices.