Privacy

Privacy Policy

How Transcenda collects, uses, retains and protects the data you grant when you connect your Meta Business. We only receive what you scope, store tokens encrypted, and you can revoke any time.

Last updated 2026-05-25

Who we are

TRANSCENDA COMPUTER SYSTEMS & COMMUNICATION EQUIPMENT SOFTWARE DESIGN EST. ("Transcenda", "we") is a Dubai-based IT services company and a Meta-verified Tech Provider. Business contact: [email protected].

What data we collect through Meta integrations

When you connect your Meta Business to Transcenda via our Embedded Signup at meta.transcenda.io/enroll, we receive — strictly limited to the capabilities you select — the following data from Meta:

  • Identity: your Meta user ID, name, email
  • Business assets: business IDs, names, verification status
  • Pages: page IDs, names, categories, follower counts, message and post content (when you grant Pages scopes)
  • Instagram: account ID, username, follower count, message and comment content (when granted)
  • WhatsApp Business Accounts: WABA IDs, phone numbers, message templates, inbound/outbound message content (when granted)
  • Ads: ad account IDs, campaign metadata, performance metrics, lead form responses (when granted)
  • Access tokens: long-lived OAuth tokens that let us call Meta's APIs on your behalf — stored encrypted at rest

What we DO NOT collect

  • Your Meta password — Meta handles authentication, we never see credentials
  • Financial information from Meta — billing relationships stay between you and Meta
  • Data from Pages, IG, WhatsApp accounts you did not grant access to

How we use it

  • Operate the agreed managed services (messaging, posting, campaign management) on your behalf
  • Provide reporting and analytics inside our operator consoles
  • Detect and respond to abuse, fraud, and policy violations
  • Comply with legal obligations (UAE PDPL, GDPR Art. 6(1)(f), Meta Platform Terms)

We do not sell, rent, or trade your data with third parties.

Retention

  • Message content: 30 days unless required longer for an active service relationship or legal hold
  • Access tokens: until you revoke or the service relationship ends, then deleted within 30 days
  • Audit logs of our staff actions: 12 months

Your rights

You can revoke our access to your Meta data at any time at business.facebook.com → Settings → Apps. Revocation is immediate on Meta's side.

You can also request deletion of all data we hold about you via our data deletion process.

Security

  • All data in transit uses TLS 1.2+
  • Access tokens encrypted at rest with AES-256-GCM
  • Staff access gated by SSO with audience-staff role + per-action audit logging
  • Infrastructure hosted on private servers in the UAE region with Cloudflare edge protection

International transfers

Some processing happens in Google Firestore (multi-region). Subject to standard contractual clauses where applicable.

Contact

Privacy questions: [email protected]
General: [email protected]