Data

Data Processing

A business-friendly overview of what WhatsApp Gateway processes and why.

Last updated: 2026-05-08

What Data Is Processed

Account and customer profile data
Message metadata and delivery state
API request logs and API key metadata
Inbound message logs
Webhook payloads and delivery logs
3CX event logs
Policy events, suppression records, and opt-out events
Support and abuse reports

Why It Is Processed

Data is processed to authenticate customers, send and receive expected messages, deliver customer webhooks, support 3CX workflows, enforce responsible messaging controls, troubleshoot issues, detect abuse, and provide support.

Protection Measures

Phone numbers may be masked or hashed in logs and policy records.
API keys are hashed.
Secrets can be encrypted in settings when encryption is configured.
Customer records are scoped by customer account.

Customer Responsibilities

Customers are responsible for recipient consent, lawful message content, webhook destinations, connected systems, and deletion/export requests involving their own users or recipients.

Retention, Export, and Deletion

Retention periods may vary by deployment and operational need. Export and deletion requests can be sent to privacy@evoapi.faisak.com.

Subprocessors

Infrastructure, email, payment, monitoring, or support providers may process limited data needed to operate the service. A subprocessor list can be shared when available.