This Privacy Policy explains how JINA CODE SYSTEMS ("we", "us", "our") collects, uses, and protects information when you use the Jina Connect platform — including our website (jinaconnect.jinacode.systems), hosted cloud service, and open-source software.
1. Who We Are
Jina Connect is operated by JINA CODE SYSTEMS, a company incorporated in India. You can reach us at privacy@jinacode.systems.
2. Information We Collect
We collect the following categories of information:
- Account information: Name, email address, phone number, and organisation details you provide when you register.
- Billing information: Payment method details processed securely by our payment processor (Razorpay). We do not store raw card numbers.
- Usage data: Log files, API call records, message delivery events, and analytics related to your use of the platform.
- Message and call content: WhatsApp, Telegram, SMS, RCS, and Voice (call recordings & transcriptions) content you send or receive through the platform, stored only as required for delivery, analytics, and any retention requirements you configure.
- Device and browser data: IP address, user agent, and browser type collected automatically when you visit our website.
3. How We Use Your Information
- To provide, operate, and improve the Jina Connect platform.
- To authenticate your account and secure API access.
- To process payments and send invoices.
- To send transactional emails (account alerts, billing, system notifications).
- To comply with legal obligations under applicable law, including the Indian Digital Personal Data Protection Act, 2023 (DPDP Act).
- To respond to your support requests.
4. Legal Basis for Processing
We process your personal data on the following legal bases:
- Contract performance: Processing necessary to provide the services you have subscribed to.
- Legitimate interests: Fraud prevention, security, and platform analytics.
- Legal obligation: Compliance with applicable Indian and international laws.
- Consent: Where required by law (e.g., marketing communications), we will ask for your consent separately.
5. Data Sharing
We do not sell your personal data. We may share information with:
- Meta Platforms, Inc.: WhatsApp message delivery via the official WhatsApp Business API.
- Gupshup: An approved WhatsApp BSP used for message routing.
- Twilio, MSG91, Fast2SMS: SMS gateway providers for SMS channel delivery.
- Razorpay: Payment processing.
- Amazon Web Services / our hosting providers: Infrastructure for running the hosted service.
- Legal authorities: When required by law, court order, or to protect our rights.
All third-party providers are bound by appropriate data processing agreements.
6. Data Processing Agreement (DPA)
For enterprise customers requiring a Data Processing Agreement under GDPR or equivalent regulations, please contact privacy@jinacode.systems. We will provide a signed DPA within 5 business days.
7. Security
We apply industry-standard security controls to protect your data:
- All data is encrypted in transit using TLS 1.2+ (HTTPS).
- Data at rest is encrypted using AES-256.
- API keys are hashed and never stored in plaintext.
- Access to production systems is restricted to authorised personnel only.
- The core platform is open-source (AGPL v3) — you can audit the code at github.com/JINA-CODE-SYSTEMS/jina-connect-unified-cpaas.
8. Data Retention
We retain your personal data for as long as your account is active or as needed to provide services. Message logs are retained for up to 90 days by default (configurable on Enterprise plans). Billing records are retained for 7 years as required by Indian tax law.
9. Your Rights (India DPDP Act)
Under the Digital Personal Data Protection Act, 2023, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate personal data.
- Erase your personal data (subject to legal obligations).
- Nominate another individual to exercise these rights on your behalf.
- Grieve against any decision regarding your personal data.
To exercise any of these rights, email privacy@jinacode.systems.
10. Self-Hosted Instances
If you self-host Jina Connect using our open-source code (AGPL v3), you are the data controller for all personal data processed through your instance. We are not responsible for data handling on self-hosted deployments. You must comply with applicable privacy laws in your jurisdiction.
11. Cookies
Our website uses essential cookies for authentication and session management. We use analytics cookies (with your consent) to understand how visitors use the site. You can manage cookie preferences in your browser settings.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified via email to registered users at least 15 days before they take effect. The updated policy will be posted at this URL with a new effective date.