Your customer data is not our product.

The guarantees merchants ask for, written plainly.

Encryption

TLS 1.3 in transit. AES-256 at rest. All merchant data keyed per tenant.

Access control

SSO on Social Seller. Per-seat role-based access. Full audit log of AI and human actions.

Data residency

EU (Frankfurt) and UAE (Dubai) regions. You pick at signup; data never leaves the region.

Retention

Conversations kept 365 days by default. Configurable down to 30. Deletable on request.

Sub-processors

Published list. 30-day notice before additions.

Incident response

Customer notification within 72 hours of a confirmed breach. Quarterly pen-tests.

Compliance: SOC 2 Type II in progress. GDPR and DIFC-DPL compliant. WhatsApp Business Solution Provider via Meta Cloud API.