Back to home
Transparency

Privacy Policy

Last updated: March 2026

AES-256 encryption at rest
TLS 1.3 in transit
EU-hosted infrastructure
30-day data purge after deletion

On This Page

1

Introduction

Dripl ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Telegram automation platform. By using Dripl, you agree to the practices described in this policy.

2

Data We Collect

We collect the following categories of information:

Account info
Email, name, password hash
Telegram sessions
Phone number, encrypted session tokens
Usage data
Messages, rules, templates, analytics
Technical data
IP address, browser, device, access logs
Billing data
Payment method via Stripe (no full card numbers)
3

How We Use Your Data

  • Provide, operate, and maintain the Dripl platform
  • Execute scheduled messages and forwarding rules on your behalf
  • Process payments and manage your subscription
  • Send service-related notifications (e.g. account alerts, maintenance)
  • Improve our product based on aggregated, anonymized usage patterns
  • Detect and prevent fraud, abuse, or security incidents
4

Data Storage & Security

Your data is stored on infrastructure hosted in the European Union. We use encryption at rest (AES-256) and in transit (TLS 1.3). Telegram session tokens are encrypted with per-user keys and stored separately from other account data. We maintain regular backups and perform routine security audits.

For more details on our security practices, visit our Security page.

5

Third-Party Services

We share data with the following providers, only as necessary:

StripePayment processing — handles all transactions securely
Telegram APISession data used to interact with Telegram on your behalf
InfrastructureEU cloud hosting for data storage and processing

We do not sell your personal data to third parties.

6

Data Retention

We retain your account data for as long as your account is active. After account deletion, we purge personal data within 30 days, except where required by law (e.g. billing records retained for tax compliance). Aggregated, anonymized analytics data may be retained indefinitely.

7

Your Rights (GDPR)

If you are located in the European Economic Area, you have the right to:

AccessRequest a copy of your personal data
RectifyCorrect inaccurate or incomplete data
EraseDelete your data ("right to be forgotten")
RestrictLimit how we process your data
PortExport your data in machine-readable format
ObjectOpt out of processing based on legitimate interests

To exercise these rights, contact us at the address below.

8

Contact Us

Questions about this policy or your data rights?

info@dripl.ai