Thank you for using WhatsApp Business as a communication channel. Your privacy is important to us, and we are committed to ensuring that your personal information is protected in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
1. What data we collect
When using WhatsApp Business, we may collect and process the following personal data:
- phone number,
- message content (limited to what you voluntarily share in communication),
- media files (e.g., documents, images) shared via WhatsApp Business messages,
We do not use WhatsApp Business for collecting any sensitive personal data such as health information or financial details unless explicitly required for reporting purposes.
2. Purpose of data collection
Your personal data is collected and processed to:
- respond to your report,
- manage fraud reporting,
- ensure security and integrity of communication.
3. Lawful basis for processing
We process your data on the following lawful bases under GDPR:
- Consent: By communicating with us via WhatsApp Business, you consent to the processing of your data.
- Legitimate Interest: We process your data to ensure efficient communication and fraud management.
- Legal Obligation: If required by law, we may process your data for compliance or reporting purposes.
4. Data security
All communications on WhatsApp Business are protected by end-to-end encryption, ensuring that only the sender and recipient can read the messages. However, please note that WhatsApp Business is a third-party platform owned by Meta, and their Terms of Service and Data Processing Terms apply.
We take additional security measures to protect your data, including limiting access to authorised personnel only.
5. Data retention
Your personal data will be retained only for as long as necessary to fulfil the purposes outlined above or as required by law. Once it is no longer needed, we will securely delete or anonymise the data.
6. Data sharing
We will not share your personal data with any third parties unless required by law, such as in cases of fraud investigation or legal processes.
7. Your rights
You have rights under GDPR, including the right to:
- access your personal data,
- request correction or deletion of your data,
- withdraw consent for processing,
- object to the processing of your data in certain circumstances.
For any data protection concerns or to exercise your rights, please contact IGDisclosures@britishcouncil.org
8. International data transfers
As WhatsApp Business is a global service, your data may be transferred outside your home country, including to countries outside the European Economic Area (EEA). These transfers will only be made in accordance with GDPR and relevant international data protection agreements.
9. Changes to this notice
We may update this Data Protection Notice from time to time. Any significant changes will be communicated via our website or through WhatsApp Business itself.
For more information about our data protection practices, please visit our Privacy Policy.
By using WhatsApp Business to communicate with us, you acknowledge that you have read and understood this Data Protection Notice.