WhatsApp Business Platform
OonoBox connects through the official WhatsApp Business Platform as a Meta Tech Provider. We comply with Meta's WhatsApp Business Solution Policy and Commerce Policy, including the rules on opt-in, template messaging, and prohibited industries.
Data protection
We comply with applicable data protection regulations in the jurisdictions where we operate, including breach notification timelines, data subject rights, and standard contractual clauses for cross-border transfers. See our Data Protection page for details.
Security practices
- TLS 1.2+ for all data in transit, AES-256 for data at rest.
- Single sign-on with hardware-key MFA on all admin accounts.
- Least-privilege access with quarterly reviews.
- Encrypted, regionally-isolated backups with documented restore procedures.
- Security incident response runbook, tested at least once a year.
Anti-spam & abuse
We enforce platform rules on bulk messaging, require valid opt-in for marketing templates, and act on quality signals from Meta to keep your sender reputation healthy. Repeated abuse is grounds for suspension.
Subprocessors
We maintain a list of subprocessors used to operate the service. The list is available on request to compliance@oonobox.co.zw. Notice of additions is given to active customers.
Reporting
To report a security issue, please email security@oonobox.co.zw. We acknowledge responsible-disclosure reports within one working day.