GDPR · EU Hosting · AES-256 Encryption

Security & compliance

Your clients' privacy is a non-negotiable priority. Here is exactly how we protect their data.

Our security commitments

🔒

End-to-end encryption

  • All conversations encrypted in transit (TLS 1.3)
  • Data at rest encrypted with AES-256
  • Automatically rotating encryption keys
  • Data access in read-only mode on documented request
🇪🇺

100% European hosting

  • Servers located in Europe (EU)
  • No data transfer outside the EU
  • GDPR and Swiss data protection law compliance
  • EU subprocessors only (DPA signed)
🛡️

Strict access control

  • Mandatory multi-factor authentication for our team
  • Client data access limited to strict necessity
  • Logging of all access and actions
  • Quarterly access review
🗑️

Right to erasure & portability

  • Complete data deletion on request within 72h
  • Export all your data in a standard format
  • Configurable retention based on your needs
  • No resale of data to third parties, ever
🔍

Audit & transparency

  • Monthly activity report available
  • Access logs viewable at any time
  • Incident notification within 72h (GDPR requirement)
  • Annual security audit by an independent third party
📋

Contracts & DPA

  • GDPR Data Processing Agreement (DPA) provided
  • Clear and readable privacy policy
  • Terms compliant with EU/Swiss legal requirements
  • Data Protection Officer available

Standards respected

GDPR (EU) 2016/679
General Data Protection Regulation — full compliance
Swiss DPA (nDSG 2023)
Federal Act on Data Protection — compliant
AVG (Netherlands / Belgium)
Algemene Verordening Gegevensbescherming — compliant
WhatsApp Business API
Official Meta partner — data processed per Meta policy
ISO 27001 (infrastructure)
Our hosting provider is ISO 27001 certified

Frequently asked security questions

Who can access my clients' conversations?

Only you and the team members you authorise. Our technical teams only access data in the event of a documented incident, with your agreement and in a traceable manner.

Where is the data stored?

On servers located in the European Union. No data transits or is stored outside the EU.

What happens if I cancel my subscription?

You can export all your data within 30 days of cancellation. After that period, data is securely and irreversibly deleted.

Does the AI agent use our data to train its models?

No. Your data is never used to train third-party models. It is only used to operate your agent.

How do I handle GDPR requests from my clients?

We provide you with tools to respond to your clients' access, rectification and deletion requests in a few clicks.

Trust & transparency

Questions about security?

Our team answers all your compliance questions before any commitment.