วันที่มีผล 16 กุมภาพันธ์ 2024

The WhatsApp Privacy Policy describes information we collect and process to provide the WhatsApp Service to our users. Under Article 7 of the Digital Markets Act, WhatsApp also allows WhatsApp users and users of third party interoperable messaging services (“Third Party Interoperable User(s)” or “you”) to send messages to each other, we call this Interoperable Messaging.

If you choose to message a WhatsApp user from a third party messaging service, we collect the below information to enable interoperability. This notice explains the information that WhatsApp Ireland Limited (“WhatsApp”, “our”, “we” or “us”) processes to support Interoperable Messaging with WhatsApp users in the European Region and provides more detail about how we process that information.

If you choose to use Interoperable Messaging, we collect the following information to enable Interoperable Messaging. If you do not provide this information, you will not be able to send or receive messages with WhatsApp users.

• Your Third Party Registration Information.
  • In order to display your information to the WhatsApp users you communicate with, we collect your username on the third party messaging service.
• Your Messages and Media within Messages
  • WhatsApp cannot read or listen to your interoperable messages or media. Third party messaging services may handle your messages differently.
• Connections
  • We process information to allow you to block WhatsApp users on your third party messaging service.
• Usage Information
  • We collect information about your usage of Interoperable Messaging. This includes timestamps related to your use such as when you registered, sent a message, were last online and duration of your usage. This also includes information about how you interact with WhatsApp users such as the types of messages sent.
• Device and Connection Information
  • We collect technical information about your device and connection when you message a WhatsApp user such as your IP address, operating system information, third party app name and version.
• General Location Information
  • We use IP addresses to estimate your general location (e.g., country).
• Authentication Information
  • We collect authentication tokens created by the third party interoperable messaging services you use to verify your use of Interoperable Messaging. Authentication Information also includes encryption keys that our encryption protocol uses.
• User Reports
  • WhatsApp users may choose to report to us your interactions and your messages with them or others on our Services; for example, to report possible violations of our Terms or policies. When a report is submitted to us through the reporting tools, we receive information from the reporter on both the reporting user and those reported. To find out more about the information we receive when a User Report is submitted to us and what happens when a User Report is submitted, please see About blocking and reporting contacts.

Sharing of Third Party Interoperable User Information by WhatsApp

• Information shared with Meta. We work with other Meta Companies that act as our service providers and help us operate, provide, and promote the safety, security, and integrity of Interoperable Messaging. To receive these services we share the Third Party Interoperable User Information We Collect with the Meta Companies described in the How We Work With Other Meta Companies in the WhatsApp Privacy Policy.
• Working With Authorities, Advisors And Industry Partners. When you use Interoperable Messaging to send a message to a WhatsApp user, we may also share information with other third parties in response to legal requests, to comply with applicable law or to prevent harm as described in the Working with Authorities, Advisors and Industry Partners section of the WhatsApp Privacy Policy.

How and Why We Process Information from Third Party Interoperable Users

We rely on different legal bases to process your information. For each legal basis, we describe the purposes of our processing (why we process your information) and our processing operations (how we process your information to achieve each purpose). We also list the categories of your information that we process for each purpose.

Compliance With A Legal Obligation

We process Third Party Interoperable User Information We Collect to comply with our legal obligations under Article 7 of the Digital Markets Act to:

• enable interoperability with third party messaging services to the extent that this processing is necessary to provide effective interoperability such as to take precautions to ensure your messages are conveyed correctly and optimise the sending of media files. We also collect information for troubleshooting, diagnostics and debugging to operate and provide Interoperable Messaging.
• implement appropriate technical and organisational security measures, such as verifying your use of Interoperable Messaging, to ensure that interoperability with third party messaging services does not endanger the integrity, security and privacy of WhatsApp.

Learn more about how WhatsApp complies with legal obligations.

Protection Of Your Vital Interests Or Those Of Another Person

WhatsApp uses automated processing techniques and manual (human) review to process information where it is necessary to protect your vital interests or that of another person. WhatsApp shares information with law enforcement and others in circumstances where someone’s vital interests require protection, such as in the case of emergencies. Learn more about how WhatsApp protects your vital interests or those of another person.

Legitimate Interests

To ensure safety, integrity and security of Interoperable Messaging and our Services, we use Third Party Interoperable User Information We Collect and apply automated data processing techniques and, in some instances, conduct manual (human) review to identify and investigate bad actors that may interfere with Interoperable Messaging, the WhatsApp services or our users’ information, threats to the security of our Services, and investigate and address violations of our Terms or policies. More specifically, we rely on our legitimate interests and the interests of all WhatsApp users in keeping WhatsApp safe and secure. We also rely on our interests and the interests of Third Party Interoperable Users to keep Interoperable Messaging safe and secure.

Back to top

Retaining Information of Users of Third Party Interoperable Messaging Services

Subject to applicable laws, we keep Third Party Interoperable User Information We Collect for as long as we need it to provide Interoperable Messaging or our Services, or for other legitimate purposes, such as complying with legal obligations, enforcing and preventing violations of our Terms, to fight spam, or protecting or defending our rights, property and users. We decide how long we need information on a case-by-case basis. See Retention of Your Information in the WhatsApp Privacy Policy for more information on how long we keep your information.

How Users of Third Party Interoperable Messaging Services can exercise their data subject rights

Under the General Data Protection Regulation, you have the right to access, rectify, port, and erase your information, as well as the right to restrict and object to certain processing of your information that we collect when you send or receive a message from a WhatsApp user. To exercise those rights, contact us via this form or via the contact address provided below.

You also have the right to lodge a complaint with WhatsApp's lead supervisory authority under the GDPR, the Irish Data Protection Commission, or any other competent data protection supervisory authority.

Back to top

Transferring information as part of our global operations

Third Party Interoperable User Information We Collect will be transferred or transmitted to, or stored and processed in, third countries outside of the EEA for the purposes described in this Notice. When the Third Party Interoperable User Information is transferred or transmitted to, or stored and processed, outside of the European Economic Area, including in the United States, we rely on:

• Adequacy Decisions: We rely on decisions from the European Commission where they recognise that certain countries and territories outside of the European Economic Area ensure an adequate level of protection for personal information.
• EU-U.S. Data Privacy Framework: WhatsApp LLC and Meta Platforms, Inc. have certified their participation in the EU-U.S. Data Privacy Framework. We rely on the EU-U.S. Data Privacy Framework, and the European Commission's related adequacy decision, for transfers of Third Party Interoperable User Information We Collect to WhatsApp LLC and Meta Platforms, Inc. in the U.S. for the services specified in the certifications of WhatsApp LLC and Meta Platforms, Inc. For more information, see WhatsApp LLC’s Data Privacy Framework Disclosure or Meta Platforms, Inc.’s Data Privacy Framework Disclosure.
• Standard contractual clauses: We utilise standard contractual clauses approved by the European Commission for transfers to the third party interoperable messaging service and for transfers to the UK and Singapore. For a copy of the standard contractual clauses, please see our SCC Help Center article.

Back to top

Contact Us

If you have questions about this Notice or if you wish to contact the Data Protection Officer for WhatsApp, please use this form.

You can also write to us at the following address:

For WhatsApp Ireland Limited

Attn: Privacy Policy

Merrion Road

Dublin 4

D04 X2K5

Ireland