Security Measures
API keys are stored as hashes. Customer webhook and 3CX secrets are shown once when generated or rotated. Sensitive settings can be encrypted at rest when the deployment encryption key is configured.
Privacy
Privacy Policy
How WhatsApp Gateway handles account, usage, message, webhook, and support data.
Last updated: 2026-05-08
Data We Process
- Account data such as name, email, role, login state, and security settings.
- API usage data such as API key prefix, request metadata, send status, and timestamps.
- Message logs with message metadata, masked phone displays, hashes, purpose, status, and delivery references.
- Inbound logs, customer webhook delivery logs, and 3CX event logs.
- Cookies and session data needed for authentication and dashboard security.
- Support and contact messages submitted by users.
Retention
Operational logs are retained to support troubleshooting, security, billing, abuse prevention, and responsible messaging review. Retention periods may be adjusted by the operator.
Sharing and Subprocessors
Data may be processed by infrastructure, email, payment, security, or support providers used to operate WhatsApp Gateway. A detailed subprocessor list can be provided on request when available.
Your Rights and Contact
For privacy questions, export requests, deletion requests, or account data questions, contact privacy@evoapi.faisak.com.
No Certification Claims
This policy does not claim a specific legal compliance certification unless separately published or agreed in writing.