Privacy Policy

This Privacy Policy explains how OTP Space collects, uses, and protects personal data when you use our Service.

1. Data We Collect

2. How We Protect Data

3. How We Use Data

We use data solely to provide the Service: sending and verifying OTPs, showing status in the dashboard, billing credit usage, preventing abuse, and providing support. We do not sell personal data.

4. Sharing With Third Parties

To deliver an OTP, the destination number is passed to the WhatsApp delivery network. We may also use infrastructure providers (hosting, database) bound by confidentiality obligations. We may disclose data where required by law.

5. Storage & Retention

We retain data for as long as needed to run the Service and meet legal obligations. Expired OTP codes can no longer be used. You can request deletion of your account data by contacting us.

6. Data Roles

For end-user data, the Customer acts as the data controller and OTP Space as the data processor, processing data on the Customer's instructions. Fuller terms are in our DPA.

7. Your Rights

Subject to applicable law (including Indonesia's Personal Data Protection Law), you may access, correct, and request deletion of your personal data. To exercise these rights, contact [email protected].

8. Changes

We may update this Policy. We will notify you of material changes by email or in the dashboard.

9. Contact

Privacy questions can be sent to [email protected].