← Back to Pronto

Privacy Policy

Last updated: 18 April 2026

This Privacy Policy describes Pronto's policies and procedures on the collection, use, and disclosure of the User's information when the Pronto Service (the "Service") is used.

Pronto uses the User's Personal Data to provide, maintain, and improve the Service, including building, previewing, hosting, and maintaining the User's custom business website based on their WhatsApp messages. By using the Service, the User agrees to the collection and use of information in accordance with this Privacy Policy.

Collecting and Using Personal Data

Types of Data Collected

Personal Data

We collect Personal Data the User provides via WhatsApp messages, such as:

  • Phone number.
  • Business name, services offered, location/areas served, contact details.
  • Tone preferences, specific requirements, images/photos the User uploads for their site.
  • Payment-related details (processed securely via Stripe; Pronto does not store card information).
  • Any other information the User voluntarily shares during the conversation to build/refine their website.

Pronto minimizes collection to only what is necessary for generating, previewing, deploying, and maintaining a User's custom website.

Usage Data

Collected automatically, including:

  • Conversation metadata (timestamps, message content for context/state).
  • Device information (IP address, mobile OS, browser if accessing previews/dashboard).
  • Interaction logs (e.g., preview views, feedback rounds).

Information from WhatsApp

Pronto receives data via the WhatsApp Business API. We do not access the User's full WhatsApp contacts or personal chats; only messages the User sends to us.

Pronto does not collect data from third-party social media logins.

Tracking Technologies and Cookies

Pronto uses minimal cookies/beacons on preview links, dashboard, or site elements. Primarily session-based for functionality.

Use of User Personal Data

Pronto uses Personal Data for:

  • Providing our Service: processing WhatsApp conversations to generate/refine/deploy/maintain your website.
  • Managing the User's Account: conversation state, site versions, subscription status.
  • Performing the contract: building your site, handling payments/subscriptions, domain registration.
  • Communicating: sending previews, updates, billing links, support via WhatsApp.
  • Improving the Service: internal analysis, debugging.
  • Compliance and security: fraud prevention, legal obligations.

Pronto does not use the User's data for general AI training beyond internal fine-tuning for Pronto's Service.

Sharing User Personal Data

Pronto shares only as necessary:

  • With Service Providers: Twilio/WhatsApp API providers, Stripe (payments), Supabase (database/storage), Anthropic/Claude (AI generation — they do not train on your data), Vercel/Cloudflare (hosting/domains). All under Data Processing Agreements (DPAs) ensuring POPIA compliance.
  • With your consent: For any other purpose.

Pronto does not sell or distribute the User's Personal Data.

Retention of User Personal Data

Pronto retains data only as long as necessary:

  • Active subscriptions: full conversation history/site data for updates/support.
  • Post-cancellation: limited data for 30–90 days, then deleted.
  • Usage Data: shorter periods for analysis/security.

Retention complies with legal obligations.

Transfer of User Personal Data

Data is processed in the United States (our servers via Supabase/Vercel) and other locations (e.g., cloud providers). As a Delaware C-Corp, we transfer data internationally.

For South African users: We ensure adequate safeguards. Transfers occur with reasonable security measures.

Your Privacy Rights (Including POPIA)

Under POPIA (for South African users) and applicable laws:

  • Access, correct, or delete your Personal Data.
  • Object to processing or withdraw consent (may terminate Service).
  • Lodge complaints with the Information Regulator (South Africa).

Contact hello@getpronto.dev to exercise rights. We respond within reasonable time (POPIA timelines apply).

Security of Your Personal Data

We implement reasonable technical/organisational measures (encryption in transit/rest, access controls, regular reviews).

Children's Privacy

The Service is not for anyone under 18. We do not knowingly collect data from children. If discovered, we delete it.

Links to Other Sites

Previews or links may lead to third-party sites (e.g., your live domain). We are not responsible for their privacy practices.

Changes to This Privacy Policy

We may update this Policy. Changes posted here with updated "Effective Date". For material changes, we notify via WhatsApp or email. Continued use means acceptance.

Contact

For questions, contact hello@getpronto.dev or your WhatsApp thread.

This Policy complies with POPIA and related international legislation, with commitments to transparency, consent where required, data minimization, and accountability for WhatsApp-processed data.