Skip to main content

Privacy Policy

Information about how Apifon protects your privacy and handles user accounts

Updated: June 21, 2019

(To view the prior version of our privacy policy, go here)

Apifon provides a messaging automation platform that helps businesses to communicate effectively with their customers, grow revenue and improve customer experience. The cloud platform, Mookee, enables communication through multiple channels: SMS, Viber, Email and other chat apps.

Appreciating the fact that you trust us to handle your data appropriately, including personal information of yours as well as those of your end users, we at Apifon take every possible action to protect your data while we give you full control over your personal data on our platform.

We have a Data Protection Program in place to oversee the effective and secure processing of your personal data. More information on this framework can be found on our website.

All information containing personal data is hosted and maintained on servers located within the European Union.

Apifon’s role as data controller and/or data processor

Depending on your relationship with Apifon, we can be either Controller or Processor and as a result have specific responsibilities:

Controller is the company that an individual (or data subject) provides their personal data to. The Controller has the responsibility of deciding why and how (the “purposes” and “means”) the personal data is processed.

Processor is the company that provides part of the service of the Controller, and needs specific personal data in control of the Controller in order to do so. The Processor has obligations to process data safely and legally and only according to the instructions of the Controller.

When we collect

We collect and process your personal information:

  • when you browse our website we automatically collect data by placing cookies and trusted tracking technologies on your browser;
  • when you contact our Sales Team or our Support Team;
  • when you request to receive newsletters / product and services information and material;
  • when you sign up for an account and use our products and services;
  • when you buy credits or subscribing to a plan, we need more information than just your name and password;
  • when you sent a campaign, we collect information about the device and applications your end user uses to access messages as well as how the end user interacts with messages sent through our Services.

What we need

The personal data we collect may include depending on our relationship:

  • name;
  • contact details;
  • account credentials;
  • financial data;
  • usage data;
  • location data.

Why we need it

We need to know your basic personal data in order to:

  • manage our relationship with you;
  • send you informational and promotional content in accordance with your marketing preferences;
  • provide the requested services to you;
  • process and answer your inquiries or to contact you to answer your questions and/or requests;
  • develop and improve our products, services, communication methods and the functionality of our websites;
  • help detect, prevent, or investigate security incidents, fraud and other abuse and/or misuse of our products and services;
  • carry out core business operations such as accounting and filing taxes.

We will not collect any personal data we do not need in order to provide and oversee those services to you.

Sharing information

Whether we fulfil the role of Controller or Processor, we always make sure that the parties we work with comply with GDPR. Furthermore, we do not sell or allow your data to be used by third parties for their own marketing purposes.

Below are listed the different scenarios under which we may share your data with third parties.

  • Telecom operators and other communications service providers for proper routing and connectivity. In order to make sure the message you send will reach the intended recipient, independent of their location, we make use of a global network of telecom providers.
  • Third-party service providers. Apifon engages third-party service providers, like our hosting providers, our helpdesk and our CRM, to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
  • Apifon Company Family: In order to do business with our offices worldwide, we might need to share personal data with our branches abroad.
  • Compliance with Legal Obligations and Law Enforcement Requests. In certain situations, we may be required to disclose your or your end users’ personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal information to respond to witness summons, court orders, to exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.

How long do we keep it?

How long we keep personal data depends on its nature and the purpose for which it was obtained. If we have come to an agreement with you, we will keep your personal data as long as there is a contractual obligation between us – unless a longer retention period is required or permitted by law. Moreover, according to Hellenic Authority for Communication Security and Privacy and Greek law, we are obligated to keep logs (telephone numbers, message body, sender id, timestamp, etc.) about the messages sent through our services, for a default period of 24 months.

What are your rights?

You are entitled, in accordance with applicable law, to request access to, rectification of, or erasure of your personal data. If at any point you believe the information we process on you is incorrect, you can request to see this information and even have it corrected or deleted.

Furthermore, you have the right to request restriction of collection and/or processing of, or object to certain types of collection and/or processing of your personal data. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate the matter, at You may also, in some circumstances, be entitled to data portability.

If for whatever reason you no longer want us to use your personal data, you are free to change your mind and withdraw your consent to our processing of data. We will always comply with your request, unless we are legally required to keep your data.

We will process your requests without delay and at the latest within one month of receipt of the request. If a request is complicated or we get too many requests to process at a given time period, our response time can be increased by two months. You will be informed when such an extension period applies.

Last but not least, you are entitled to lodge a complaint with the corresponding data protection supervisory authority in your country of residence.

Contact us

If you have any additional questions about Apifon’s collection and storage of data, please feel free to contact us at:

address: 27, Georgikis Scholis str. 57001, Thessaloniki, Greece
telephone: +30 2316018500