Data Deletion Instructions

This page explains exactly how to ask Reach & Bridge Sdn Bhd (operator of TapBrig) to delete personal data we hold about you. The process is the same regardless of how your data ended up with us — whether you signed up for a TapBrig account, your business uses TapBrig and we processed your data on their behalf, or you messaged a business via WhatsApp / WebChat / a Cards link and our AI handled the conversation.

This page is the authoritative deletion instructions referenced from our Privacy Policy.

1. Who can request deletion

• TapBrig account holders — businesses or individuals who signed up for a paid or free account at app.tapbrig.com.
• Visitors and customers whose data we processed on behalf of a TapBrig customer (for example, you sent a WhatsApp message to a business that uses TapBrig, or chatted with a TapBrig-powered widget on their website).
• Legal representatives acting on behalf of any of the above, provided they can furnish appropriate documentation.

2. How to request deletion

Email us at hello@tapbrig.com with the subject line "Data deletion request" and include:

• The email address associated with your TapBrig account (if you have one).
• If you contacted a business that uses TapBrig: the WhatsApp phone number, the business's name or website, and the approximate date(s) of your conversation. This helps us locate your data inside the right business's workspace.
• A brief description of what you would like deleted — your whole record, or specific items (e.g. message history, contact details, training documents you uploaded).
• Optionally, any verification info we may ask for to confirm the request is genuine (we do this to protect your data from someone else impersonating you).

If you prefer, you can also submit the same details through our contact form. The form route is monitored by the same inbox.

3. What gets deleted

When you request a full deletion, we remove:

• Your account record (name, email, password hash, role, workspace association).
• All conversation history we hold that we can attribute to you, including message content, phone numbers we received via the WhatsApp Business API, transcripts from WebChat sessions, and contact-form submissions from Cards.
• Knowledge-base documents and training files you uploaded.
• Custom prompts, tone calibration data, and AI configurations tied to your workspace.
• Any saved billing addresses or invoice records that are not legally required to be retained (see Section 4 for what we must keep).

After deletion, your data is removed from production databases. Encrypted backups are purged on a rolling 30-day schedule — your data is fully gone from all systems within 30 days. Aggregated, de-identified analytics that cannot be linked back to you may be retained.

4. What we may need to keep

A small number of records cannot be deleted because Malaysian, Singaporean, or other applicable law requires us to retain them. These are kept for the legally required period and then destroyed:

• Tax and accounting records (invoices, payment records) — retained per local tax authority requirements (typically 7 years).
• Records relating to legal claims, disputes, or investigations we are obliged to preserve.
• Anti-fraud and abuse signals (e.g. an IP or device fingerprint tied to confirmed abuse) — retained at the minimum we need to keep the platform safe.

5. How long it takes

• Within 5 business days we acknowledge your request and confirm we have located your data (or tell you we couldn't and ask for more information).
• Within 30 days we complete the deletion and confirm it in writing. If there's a legitimate reason we need more time (e.g. a complex enterprise workspace with many sub-records), we will tell you in writing before the 30 days are up and give a realistic timeline.
• Backups purge within an additional 30 days after the production deletion completes — so the absolute worst case is 60 days to be fully gone everywhere.

6. Data that lives in Meta's systems

TapBrig WhatsApp connects to Meta Platforms Ireland Limited's WhatsApp Business API. We can delete the copies of WhatsApp conversations stored on our systems, but copies that remain on Meta's WhatsApp servers are governed by Meta's own policies, which we do not control.

To request deletion of data Meta holds, you must contact Meta directly. Start at whatsapp.com/legal/privacy-policy or Meta's data-access request form.

7. Contact

For any question about a deletion request, including help identifying what data we hold about you, contact: