|End-2-end data encryption||tyntec is serving banks and governments and can provide references for successful security and compliance audits|
|GDPR-critical functions like the access to the address book are not part of the WhatsApp Business API as it does not require any sort of access to your systems||Your service will be hosted in tyntec’s own datacenter in Dortmund, Germany — meaning within the European Union|
|Media and messages are only stored for delivery and deleted after 7-30 days respectively||tyntec has operated telecommunication services for over 15 years and has to follow strict security and data protection regulations — even before the GDPR ruling|
|HTTPS connection and multiple layer security options, like VPN or TLS, ensure the message data reaches our platform without being exposed|
|No message is ever “archived”, storage is only used for transmission purposes|
For more information, please check our GDPR and Security guide
WhatsApp messages are encrypted from tyntec to the device, and secured over HTTPS (and optional SSL/VPN) from your application to tyntec.
In addition to high-level encryption, WhatsApp also displays a security message at the start of the chat. This helps make sure that your customers know that their conversation is with an authentic company — this message cannot be faked by a scammer as it is generated by WhatsApp.
One of the reasons why WhatsApp is successful is its stance against spam behavior. That’s why their opt-in plays a crucial role in WhatsApp Business Account B2C interactions. The opt-in must be an active opt-in; it needs to be triggered by a user action, such as entering a phone number or checking a box to indicate consent.
An end user must first consent to receiving messages from the brand on WhatsApp by opting in via a third-party channel. This can be any channel your business uses to communicate with the customer today — your website, app, email, SMS, retail location, etc. Get inspired here on how to collect opt-ins for WhatsApp
For end user protection WhatsApp has implemented a reporting and blocking mechanism. Enterprises must respect all requests (either on WhatsApp or off) to block, discontinue, or otherwise opt-out of communications from you via WhatsApp. If a user communicates an opt-out selection, enterprises must update their contact list to remove that user and cannot send (or attempt to send) any further messages to that user using the Business Products.