Legal

Data Processing Agreement

Effective April 26, 2026

1. Scope and roles

This Data Processing Agreement (“DPA”) forms part of the Terms of Service between SENDNXT (“SENDNXT”, “we”) and the customer (“you”) and applies whenever SENDNXT processes personal data on your behalf in connection with the Service.

With respect to personal data about the people who message your Facebook Pages and the SMS recipients you load, you act as the data controller and SENDNXT acts as a data processor. With respect to your account profile (the Page owner's identity and billing information), SENDNXT acts as a controller — that processing is described in the Privacy Policy.

2. Subject matter, duration, and instructions

The subject matter of the processing is the operation of the SENDNXT multi-channel broadcast platform — sending Messenger and SMS messages you author, syncing inbound conversations for your connected Facebook Pages, and reporting delivery state back to you.

The duration of processing is the term of your subscription, plus the retention windows set out in the Privacy Policy. SENDNXT processes personal data only on your documented instructions, which are: (a) the Terms of Service, (b) this DPA, and (c) the configuration you set inside the platform (campaigns, sequences, audience selection, channel toggles).

3. How data enters the platform

SENDNXT only processes personal data ingested through the channels you have explicitly enabled:

  • Facebook integration. When you connect a Page via Facebook OAuth, SENDNXT receives Page-scoped IDs (PSIDs), public profile name, avatar, and locale for users who have sent your Page an inbound message. SENDNXT does not accept uploaded contact lists for Messenger and does not reuse PSIDs across Pages.
  • SMS list ingestion. For SMS campaigns, you may upload CSV files of phone numbers that you have lawfully opted in, or collect new numbers via webhook from your own opt-in flows. You are solely responsible for confirming and documenting consent under TCPA, GDPR, and any other law that applies to your audience.
  • Unified profiles. Where the same lead is reachable on both channels, SENDNXT can merge their PSID and phone number into a unified profile so you can target them across channels. Merging happens only on your instruction.

4. Categories of personal data and data subjects

The personal data SENDNXT processes on your behalf includes:

  • Facebook Page-scoped IDs (PSIDs);
  • phone numbers (E.164);
  • first names, last names, and public profile information;
  • custom data fields you populate (used for dynamic-variable personalisation in your campaigns);
  • inbound and outbound message content, attachments, timestamps, and delivery / read receipts;
  • opt-out signals (e.g. inbound “stop”).

The data subjects are the end users who interact with your Facebook Pages or appear on the SMS lists you upload. You are responsible for ensuring you have a lawful basis to process each record.

5. Use limitations

SENDNXT will:

  • process personal data only to provide the Service and as instructed by you;
  • not sell, rent, or trade personal data;
  • not use personal data for our own advertising or to enrich a third-party profile;
  • not use Facebook data outside the permissions you granted, in accordance with Meta's Platform Terms and Developer Policies;
  • ensure that personnel authorised to access personal data are bound by appropriate confidentiality obligations.

6. Message processing and the Safe Send engine

When you draft a campaign, SENDNXT renders the message by injecting the dynamic variables you have selected (e.g. first name, custom tags) and routes it to Messenger, SMS, or both based on your channel toggle.

Outbound messages are released through a paced queue (RabbitMQ / AWS SQS) and rate-limited against Meta's Graph API limits and standard SMS carrier limits. This is a security and integrity measure: it protects your accounts from being flagged for spam and maintains delivery quality.

7. Compliance signals SENDNXT enforces automatically

  • Messenger 24-hour window.Standard (non-tag) Messenger messages are blocked once 24 hours have passed since a recipient's last inbound message.
  • Message-tag constraints. Messenger sends that rely on a message tag must declare the allowed tag and reason; the reason is persisted on the outbound message row for audit.
  • Opt-out enforcement.Inbound “stop”, “unsubscribe”, “quit”, “cancel” (and equivalents) immediately and permanently block all future sends — broadcasts, sequences, and manual replies — to that contact, on every channel.
  • Receipt tracking. Webhooks and callbacks from Meta and SMS providers are recorded so you can see delivery state in real time.

8. Subprocessors

You authorise SENDNXT to engage the following categories of subprocessor to deliver the Service:

  • Cloud infrastructure — managed compute, database, cache, and queue providers that host the platform.
  • Meta Platforms, Inc. — Facebook Login, Graph API, and Messenger Platform.
  • SMS gateway providers — e.g. Twilio, Plivo, or Sinch, depending on the route selected for delivery.
  • Payment processor — for subscription billing and SMS-wallet top-ups.
  • Email provider — for transactional and account-related notifications.

We impose data-protection obligations on each subprocessor that are no less protective than those in this DPA. We will give you notice of any new subprocessor with a meaningful change to data handling before granting them access to personal data; you may object on reasonable data-protection grounds, in which case we will work in good faith to find a resolution.

9. International transfers

SENDNXT operates from the Philippines and may transfer personal data to countries where our subprocessors are located. Where required, we rely on appropriate transfer mechanisms (such as the EU Standard Contractual Clauses) and apply supplementary safeguards.

10. Security measures

SENDNXT applies, at minimum, the following technical and organisational measures:

  • HTTPS for all API and dashboard traffic;
  • encryption at rest of third-party credentials (Facebook page access tokens, SMS provider credentials);
  • verification of the X-Hub-Signature-256 header on every Meta webhook before parsing;
  • principle-of-least-privilege access controls and audit logging for internal staff;
  • redaction of access tokens, raw Facebook user IDs, full phone numbers, and message bodies from server logs;
  • backup, isolation, and recovery procedures suitable for a multi-tenant SaaS.

11. Data subject requests

Taking into account the nature of the processing, SENDNXT will assist you with reasonable technical and organisational measures so you can respond to data subject requests (access, rectification, erasure, restriction, portability, objection). If a request reaches SENDNXT directly, we will forward it to you and not respond on your behalf unless legally required to do so.

12. Personal data breach notification

SENDNXT will notify you without undue delay and in any event within 72 hours of becoming aware of a personal data breach affecting your data. The notice will include, to the extent known: the nature of the breach, the categories and approximate number of data subjects and records concerned, the likely consequences, and the measures taken or proposed to address it.

13. Audit and information rights

On reasonable written request and no more than once per year (unless required by a regulator), SENDNXT will make available the information necessary to demonstrate compliance with this DPA. Where a third-party audit is needed, the parties will agree on scope, timing, and cost in advance.

14. Return and deletion at end of service

On termination of your subscription, SENDNXT will delete the personal data it processes on your behalf within the retention window described in the Privacy Policy, except where applicable law requires continued retention. You can also trigger deletion at any time using the data deletion instructions.

15. Liability and governing law

The liability provisions of the Terms of Service apply to this DPA. This DPA is governed by the laws of the Republic of the Philippines, without prejudice to mandatory data-protection rights of data subjects under their local law.

16. Contact

For questions about this DPA, or to make a request related to processing under it, write to privacy@sendnxt.com.