Back to Piazza

Privacy Policy

Last updated: June 11, 2026

1. Who we are

Piazza is a SaaS platform that helps small businesses automate WhatsApp customer support and appointment scheduling. We operate as a Tech Provider on the WhatsApp Business Platform.

2. Information we collect

When you use Piazza, we collect the following information:

  • Account information (name, email address) when you sign up
  • WhatsApp Business Account details (WABA ID, Phone Number ID) when you connect your number
  • Business configuration data (agent settings, knowledge base documents) that you upload
  • Appointment and conversation data processed through your WhatsApp number

3. How we use your information

We use the information we collect to:

  • Provide and operate the Piazza platform on your behalf
  • Route WhatsApp messages to your AI agent and deliver automated replies
  • Record and display appointment bookings made through your WhatsApp channel
  • Authenticate you and secure access to your account
  • Communicate with you about your account and service updates

4. WhatsApp and Meta Platform Data

Piazza integrates with the WhatsApp Business Platform via the Meta API. Platform Data — including your WhatsApp Business Account credentials and message content — is used solely to deliver the services described above. We do not sell, share, or use Platform Data for advertising, profiling, or any purpose beyond providing you with the Piazza service. Access tokens are encrypted at rest using AES-256-GCM and are never exposed to the browser.

5. Data sharing

We do not sell your personal data. We may share data with the following categories of third-party service providers solely to operate Piazza:

  • Supabase — database, authentication, and file storage
  • Vercel — hosting and deployment
  • Meta — WhatsApp Business Platform API provider

6. Data retention

We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us.

7. Security

We implement industry-standard security measures including encryption in transit (TLS) and at rest, row-level security on all database tables, and server-side access controls. Sensitive credentials are never stored in plaintext.

8. Your rights

You have the right to access, correct, or delete the personal data we hold about you. To exercise these rights, please contact us at the email address below.

9. Contact

If you have questions about this Privacy Policy or how we handle your data, please contact us at privacy@piazza.app.