Privacy Policy

Last Updated: December 24, 2024

Effective Date: December 24, 2024

1. Introduction

Telegram Manager ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Telegram channel management platform.

We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password (encrypted)
  • Telegram Integration: Bot tokens, channel IDs, group information
  • Content: Messages you schedule, polls you create, files you upload
  • Communication: Support requests, feedback, correspondence

2.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent
  • Device Information: IP address, browser type, operating system
  • Cookies: Session cookies, preference cookies, analytics cookies
  • Security Logs: Login attempts, security events, audit trails

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Provide, maintain, and improve our platform
  • Authentication: Verify your identity and manage your account
  • Communication: Send service notifications, updates, and support
  • Security: Detect fraud, prevent abuse, and protect our systems
  • Analytics: Understand usage patterns and improve user experience
  • Compliance: Meet legal obligations and enforce our terms

4. Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Consent: You have given clear consent for specific purposes
  • Contract: Processing is necessary to fulfill our service agreement
  • Legal Obligation: We must comply with legal requirements
  • Legitimate Interest: For fraud prevention, security, and service improvement

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service Providers: Cloud hosting (Cloudflare), analytics, email delivery
  • Telegram: Through official Telegram Bot API for channel management
  • Legal Authorities: When required by law or to protect our rights
  • Business Transfers: In case of merger, acquisition, or asset sale

6. Data Security

We implement industry-standard security measures:

  • Encryption: All data encrypted in transit (TLS) and at rest (AES-256)
  • Access Control: Role-based permissions and multi-factor authentication
  • Monitoring: 24/7 security monitoring and anomaly detection
  • Regular Audits: Security assessments and penetration testing
  • Secure Development: OWASP Top 10 vulnerability protection

7. Data Retention

We retain your data for as long as necessary:

  • Active Accounts: While your account is active and for 30 days after deletion
  • Audit Logs: 90 days for security and compliance
  • Backups: 30 days in encrypted backups
  • Legal Requirements: Longer if required by law

8. Your Rights (GDPR)

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restriction: Limit how we use your data
  • Right to Portability: Receive your data in a structured format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at: [email protected]

9. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Required for authentication and security
  • Functional Cookies: Remember your preferences and language
  • Analytics Cookies: Understand how you use our platform

You can control cookies through your browser settings. See our Cookie Policy for details.

10. International Data Transfers

Your data may be processed in countries outside your residence. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Data processing agreements with third parties

11. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or through our platform. Continued use after changes constitutes acceptance.

13. Contact Us

For privacy-related questions or requests:

You also have the right to lodge a complaint with your local data protection authority.

14. Compliance Certifications

We maintain compliance with:

  • GDPR (General Data Protection Regulation)
  • SOC 2 Type II (System and Organization Controls)
  • ISO 27001 (Information Security Management)