Privacy Policy
Last updated: 21 May 2026
1. Introduction
ValueText Pvt Ltd (“ValueText“, “we“, “us“, “our“) respects your privacy and is committed to protecting personal data. This Privacy Policy explains how we collect, use, share, and protect personal data when you visit our website, interact with our marketing and sales activities, become a customer, or otherwise engage with us.
This Privacy Policy applies to personal data we process as a data controller. Where we process personal data on behalf of our customers as a data processor (for example, where customer employees use our platform to send messages to their end-recipients), that processing is governed by our Data Processing Addendum and the terms of the relevant customer agreement, not by this Privacy Policy.
If you have any questions about this Privacy Policy or how we handle your personal data, contact us at info@valuetext.io.
2. Who We Are
ValueText Pvt Ltd is a private limited company registered in India. We provide a Salesforce-native messaging platform used by businesses worldwide for SMS, WhatsApp, voice, and related communications.
Registered office: Q City, Block A, 6th Floor, Survey No. 109, 110 & 111/2, Nanakramguda Village, Serilingampally Mandal, R.R. District, Hyderabad, Telangana 500032, India
Data Protection Contact: info@valuetext.io
For the purposes of the UK General Data Protection Regulation (“UK GDPR“) and the EU General Data Protection Regulation (“GDPR“), ValueText is the data controller of personal data described in Section 4 of this Privacy Policy.
3. The Two Distinct Data Relationships
It is important to understand that we engage with personal data in two distinct contexts, with different roles and different governing documents.
3.1 Personal data we control. When you visit our website, fill in a form, attend a sales call, subscribe to our communications, or become our customer, ValueText decides why and how your personal data is processed. We are the data controller. This Privacy Policy governs that processing.
3.2 Customer Data on the platform. When our customers use the ValueText platform to send messages to their own contacts, those messages and recipient details are Customer Data. ValueText does not control this data. Our customers control it. Where ValueText acts as a data processor in respect of Customer Data, our obligations are set out in our Data Processing Addendum, which forms part of each customer’s agreement with us.
3.3 Our platform architecture and Customer Data. Customer Data is stored within each customer’s own Salesforce organisation. ValueText operates under one of two architectural models depending on the deployment: a direct model where messages flow directly between Salesforce and the messaging provider without passing through ValueText infrastructure, and a pass-through model where messages transit ValueText infrastructure briefly for delivery processing and are deleted immediately thereafter. Neither model results in long-term storage of Customer Data on ValueText infrastructure. The specific model applicable to a customer’s deployment is described in our Data Processing Addendum.
4. Personal Data We Collect
This section describes personal data we collect and process as a data controller (per Section 3.1). Personal data on the platform (Customer Data) is addressed in Section 3.2.
4.1 Website visitors
When you visit valuetext.io, we collect:
- Technical data: IP address, browser type and version, device information, operating system, referring URL, pages visited, time spent on pages, and interaction events.
- Cookies and tracking data: as described in Section 11.
- Analytics data: behavioural and engagement data collected via Google Analytics 4 and Google Tag Manager.
- Advertising data: conversion and audience data collected via Google Ads conversion tracking for measuring the effectiveness of our advertising campaigns.
4.2 Marketing leads and prospects
When you interact with our marketing activities, including contacting us, requesting a demo, downloading content, or being identified as a prospect, we collect:
- Identification data: name, job title, company name.
- Contact data: business email address, business phone number, country, region.
- Professional data: seniority, department, industry, company size, role responsibilities.
- Engagement data: which content you viewed, emails you opened, links you clicked, demos you attended.
- Enrichment data: publicly available business contact information collected via Apollo, used to enrich our understanding of prospects and to identify companies that match our ideal customer profile.
4.3 Sales process
When you engage with our sales team, we collect:
- Meeting scheduling data: information you provide when booking a meeting via Calendly, including name, email, timezone, and meeting purpose.
- Call recordings and transcripts: audio recordings, transcripts, and AI-generated summaries of sales and demo calls conducted via Zoom and processed through Fireflies.ai. Recording is disclosed at the start of each call, and you may decline to be recorded.
- Sales notes and correspondence: notes captured by our sales team, emails exchanged with you, and any other communications.
4.4 Customers
When your organisation becomes a ValueText customer, we collect about you in your professional capacity:
- Account contact data: name, role, business email, business phone, billing address, signatory details.
- Billing and payment data: transaction records, invoice history, payment method metadata (we do not store full payment card details — see Section 4.6).
- Account usage data: account creation date, plan tier, seat count, login timestamps, configuration choices made by your administrators.
- Support and training data: any information you provide when contacting support, attending training, or interacting with our onboarding team.
4.5 Support requests
When you contact support, we collect:
- Identification and contact data: name, business email, company.
- Ticket content: the content of your support request, any attachments, screenshots, and any troubleshooting information you provide.
- Conversation history: records of past support interactions to provide continuity.
This data is processed through Freshdesk.
4.6 Payment processing
When you pay us, payment card data is collected and processed by our payment providers (Stripe and 2Checkout) under their own privacy policies. We do not store full payment card numbers or CVV codes. We receive only transaction metadata necessary for billing reconciliation, which is stored in our Salesforce billing records.
5. Lawful Basis for Processing
Under UK GDPR and GDPR, we process personal data on the following lawful bases:
| Purpose | Lawful basis |
|---|---|
| Operating and securing our website | Legitimate interest (running a website, fraud prevention) |
| Cookies and tracking | Consent (where required), legitimate interest (essential cookies only) |
| Marketing communications to existing customers | Legitimate interest |
| Marketing communications to prospects | Consent, or legitimate interest where permitted by law |
| Apollo-sourced prospect data | Legitimate interest (B2B outreach to identified business contacts) |
| Sales calls, demos, and meeting scheduling | Legitimate interest in pursuing sales relationships |
| Recording sales and demo calls | Consent (disclosed at the start of each call; participants may decline) |
| Customer account and billing administration | Performance of a contract |
| Support requests | Performance of a contract, legitimate interest |
| Legal and regulatory compliance | Legal obligation |
| Defending legal claims | Legitimate interest |
You have the right to object to processing based on legitimate interest. See Section 9.
6. How We Use Personal Data
We use the personal data described in Section 4 for the following purposes:
- Operating our website and providing the information and content you request from it.
- Marketing and lead generation: identifying potential customers, contacting prospects to introduce our services, sending newsletters and marketing communications (with consent where required), measuring marketing campaign effectiveness, and re-engaging prospects who have shown interest.
- Sales process management: scheduling meetings, conducting demos, capturing call notes and recordings to improve our sales team’s effectiveness, and tracking opportunities through our CRM.
- Customer relationship management: onboarding new customers, providing the platform, handling billing and payments, providing support and training, and communicating service updates.
- Product improvement: understanding how customers use the platform to identify areas for improvement (we use aggregated and anonymised data wherever possible for this purpose).
- Security and fraud prevention: detecting unusual activity, protecting our systems, and protecting our customers.
- Legal compliance: meeting our regulatory obligations, responding to lawful requests from authorities, and defending legal claims.
We do not use personal data for automated decision-making that produces legal or similarly significant effects on individuals.
7. Who We Share Personal Data With
We share personal data with the following categories of third parties, only as necessary for the purposes described in this Privacy Policy.
7.1 Service providers
We engage the following service providers to support our business operations. Each is contractually required to protect personal data and to use it only for the purposes for which we engage them.
| Provider | Purpose | Data shared |
|---|---|---|
| Google (GA4, Tag Manager, Ads) | Website analytics, tag management, advertising conversion tracking | Website usage data, cookies, advertising identifiers |
| Apollo | Prospect enrichment and identification | Business contact data of identified prospects |
| Salesforce | Our CRM and billing system of record | All marketing, sales, customer, and billing data |
| Campaign Monitor | Email marketing delivery | Subscriber email addresses, names, engagement data |
| Calendly | Meeting scheduling | Meeting attendee names, emails, scheduling preferences |
| Zoom | Video conferencing for sales and demo calls | Meeting participation, recordings (where applicable) |
| Fireflies.ai | Call recording, transcription, summary | Sales and demo call audio, transcripts, AI summaries |
| Freshdesk | Support ticketing | Support contact data, ticket content, conversation history |
| Stripe | Online payment processing | Payment transaction data |
| 2Checkout | Online payment processing | Payment transaction data |
| Amazon Web Services (AWS) | Cloud infrastructure hosting | Encrypted operational data |
7.2 Platform subprocessors
For the avoidance of doubt, this Section 7 lists service providers we use as a data controller. Subprocessors we engage when acting as a data processor for Customer Data on the platform (Twilio, Meta) are listed in our Data Processing Addendum.
7.3 Legal disclosures
We may disclose personal data where required by law, court order, or lawful request from a public authority. We may also disclose personal data to enforce our Terms of Service, protect our rights, prevent fraud, or protect the safety of others.
7.4 Business transfers
If ValueText is involved in a merger, acquisition, or sale of all or substantially all of its assets, personal data may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have regarding your personal data.
7.5 We do not sell personal data
ValueText does not sell personal data to third parties.
8. International Transfers
ValueText is headquartered in India. Personal data we collect from individuals in the United Kingdom, the European Economic Area, or other regions may be transferred to and processed in India and in other countries where our service providers operate (including the United States).
Where we transfer personal data from the UK or EEA to a country that has not received an “adequacy” decision from the relevant authority, we rely on appropriate safeguards, including Standard Contractual Clauses approved by the European Commission and the UK Information Commissioner’s Office, where applicable.
If you would like more information about our international transfer arrangements, contact us at info@valuetext.io.
9. Your Rights
Depending on where you live, you may have the following rights in relation to your personal data.
9.1 Rights under UK GDPR and GDPR
If you are in the UK or EEA, you have the following rights:
- Right of access: to obtain confirmation of whether we process your personal data and a copy of that data.
- Right to rectification: to correct inaccurate or incomplete personal data.
- Right to erasure (“right to be forgotten”): to request deletion of your personal data in certain circumstances.
- Right to restriction of processing: to limit how we use your data in certain circumstances.
- Right to data portability: to receive your personal data in a structured, machine-readable format.
- Right to object: to object to processing based on legitimate interest, and to object to direct marketing at any time.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing before withdrawal.
- Right to lodge a complaint: with a supervisory authority. In the UK, that is the Information Commissioner’s Office (https://ico.org.uk). In the EU, you may complain to your local data protection authority.
To exercise any of these rights, contact us at info@valuetext.io. We will respond within 30 days. We may ask for verification of your identity before processing your request.
9.2 Rights under California law (CCPA / CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:
- Right to know: what personal data we have collected about you, the categories of sources, the purposes of collection, and the categories of third parties we share it with.
- Right to delete: your personal data, subject to certain exceptions.
- Right to correct: inaccurate personal data.
- Right to opt out of “sale” or “sharing” of personal data: we do not sell personal data and do not “share” it for cross-context behavioural advertising as those terms are defined under California law.
- Right to limit use of sensitive personal information: we do not use sensitive personal information for purposes beyond what is necessary to provide our services.
- Right to non-discrimination: you will not be discriminated against for exercising these rights.
To exercise these rights, contact us at info@valuetext.io. You may also designate an authorised agent to make a request on your behalf, subject to verification.
9.3 Other jurisdictions
If you reside in another jurisdiction with applicable data protection law, you may have similar rights. Contact us to discuss them.
10. How Long We Keep Personal Data
We retain personal data only for as long as necessary for the purposes for which it was collected, after which it is deleted or anonymised. Standard retention periods are below. We may retain data longer where required by law or where reasonably needed to defend legal claims.
| Category | Retention period |
|---|---|
| Website analytics (anonymised where possible) | 26 months |
| Marketing lead data | 24 months from last meaningful engagement |
| Sales call recordings (Zoom, Fireflies) | 12 months from call date |
| Customer account and billing data | Duration of customer relationship plus 7 years (for tax and accounting compliance) |
| Support tickets | 3 years from closure |
| Email marketing subscriber data | Until unsubscribed, then 6 months for suppression-list purposes |
| Session cookies | Expire when you close your browser |
| Persistent cookies | Up to 13 months |
11. Cookies and Tracking
11.1 What cookies we use
Our website uses cookies and similar tracking technologies. These fall into the following categories:
- Strictly necessary cookies: required for the website to function (for example, security tokens, load balancing). These cannot be switched off.
- Analytics cookies: Google Analytics 4 and Google Tag Manager, used to understand how visitors interact with our website.
- Advertising cookies: Google Ads conversion tracking, used to measure the effectiveness of our advertising campaigns.
11.2 Cookie consent
For visitors from the UK, EEA, and other jurisdictions requiring consent, we display a cookie consent banner on first visit. You may accept, reject, or selectively allow non-essential cookies. You can change your preferences at any time by clicking the cookie preferences link in the website footer.
11.3 Managing cookies in your browser
You can also block or delete cookies through your browser settings. Doing so may affect the functionality of our website.
11.4 Do Not Track
Our website does not currently respond to Do Not Track browser signals. We respond to consent choices made through our cookie banner.
12. Children’s Privacy
Our website and services are intended for business users and are not directed to children. We do not knowingly collect personal data from anyone under the age of 16. If we become aware that we have collected personal data from a child under 16, we will delete it.
If you believe we may have collected personal data from a child, contact us at info@valuetext.io.
13. Security
We implement appropriate technical and organisational measures to protect personal data, including:
- Encryption of data in transit using industry-standard protocols.
- Access controls limiting personal data access to authorised personnel.
- Regular review of our security practices.
- Vendor due diligence on the service providers listed in Section 7.
No method of transmission or storage is completely secure. While we take reasonable steps to protect personal data, we cannot guarantee absolute security. If you believe your interaction with us is no longer secure, contact us immediately at info@valuetext.io.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. We will post the updated policy on this page with a revised “Last updated” date. For material changes, we will provide additional notice where reasonably practicable, such as by email to customers or a notice on our website.
We encourage you to review this Privacy Policy periodically.
15. How to Contact Us
For questions, requests, or complaints about this Privacy Policy or our handling of personal data, contact us:
Email: info@valuetext.io Postal address: ValueText Pvt Ltd, Q City, Block A, 6th Floor, Survey No. 109, 110 & 111/2, Nanakramguda Village, Serilingampally Mandal, R.R. District, Hyderabad, Telangana 500032, India
If you are in the UK and we cannot resolve your concern, you may lodge a complaint with the Information Commissioner’s Office at https://ico.org.uk.
If you are in the EEA, you may lodge a complaint with your local data protection authority.
If you are in California, you may contact the California Attorney General at https://oag.ca.gov.
