Privacy Policy

Last updated: March 2026

Zero Message Storage

DC Bridge does not store, read, or analyze the content of your WhatsApp messages. All incoming messages are forwarded to your configured webhook endpoint in real-time and immediately discarded from memory.

Data We Collect

• Account data: Name, email, hashed password
• Device data: Phone number, connection state, WhatsApp name
• Contact data: Phone numbers and names from WhatsApp contact sync (auto-populated)
• Webhook logs: Delivery status, HTTP status codes, response times (retained 90 days)
• Audit logs: Login events, configuration changes, IP addresses (retained 1 year)
• Signal credentials: Encrypted authentication state for session restoration

Data Retention

• Connection logs: 90 days
• Webhook delivery logs: 90 days
• Audit logs: 1 year
• Account data: Until account deletion

Your Rights

You can export all your data via the dashboard or API. You can delete your account and all associated data at any time. Contact support@dcbridge.app for data requests.

Security

All data is encrypted in transit (TLS). Signal protocol credentials are encrypted at rest (AES-256-GCM). Passwords are hashed with bcrypt (cost factor 12). We follow SOC 2 Trust Service Criteria for security controls.