Support Docs Status Login
Security

Enterprise-grade security

Your customer data, conversations, and transactions are protected by industry-leading security infrastructure. Built for enterprises that demand the highest standards.

TLS 1.3 encryption

All data in transit is encrypted using TLS 1.3, the latest transport layer security protocol. Every API call, every webhook, every message.

Active

AES-256 at rest

All stored data is encrypted using AES-256, the same standard used by banks and government agencies. Your data is unreadable without proper authorization.

Active

SOC 2 Type II

We are pursuing SOC 2 Type II certification covering security, availability, and confidentiality. Our controls are designed to meet SOC 2 requirements.

In progress

POPIA compliant

Full compliance with South Africa's Protection of Personal Information Act. Your customers' data is handled according to the strictest African data protection laws.

Compliant

Role-based access

Granular permissions control who can access what. Admin, manager, agent, and viewer roles with customizable permissions per feature.

Active

Audit logging

Every action is logged with timestamp, user, and details. Full audit trail for compliance reporting, security investigations, and operational transparency.

Active

Your data stays in your region

We understand that data residency matters, especially for enterprises operating under local regulations. Paurtal offers regional data storage to ensure your data never leaves the jurisdiction you choose.

All WhatsApp message data, customer records, and transaction history are stored in the region closest to your operations. No exceptions.

πŸ‡ΏπŸ‡¦

South Africa

Primary data center for Southern African operations

πŸ‡ͺπŸ‡Ί

Europe

GDPR-compliant storage for European partners

πŸ‡¨πŸ‡²

Cameroon

West/Central Africa regional processing

🌍

Custom

Enterprise plans support custom data residency

Compliance and certifications

POPIA

South Africa data protection

GDPR Ready

European data protection

SOC 2

In progress

Meta Verified

Official WhatsApp BSP

PCI DSS

Payment security

Infrastructure

Enterprise cloud hosting

Deployed on tier-1 cloud infrastructure with multi-region redundancy and auto-scaling.

Automated backups

Continuous database backups with point-in-time recovery. 30-day retention with geo-redundant storage.

DDoS protection

Layer 3/4/7 DDoS mitigation with global edge network. Always-on protection for all endpoints.

Need more details?

Download our security whitepaper or talk to our security team directly.

Download security whitepaper Talk to security team