Security & Data Privacy

Built to protect your customers.

Your customers trust you with their phone numbers, their orders, their health information, and their children's records. Kliovo is built to honour that trust — Meta-approved, encrypted end-to-end, role-restricted, and auditable at every layer.

Meta Official Partner: since January 2023
TLS 1.3: all traffic encrypted in transit
AES-256: all data encrypted at rest
99.9% uptime: SLA with scheduled maintenance excluded

Core security

Six layers of protection, active by default.

Security is not a feature you configure — it is the layer every part of Kliovo is built on top of. These protections are active from the moment your account is created, at every tier.

Meta Official Business Partner
Kliovo is an officially approved Meta Business Partner. Every WhatsApp connection runs through the official WhatsApp Business API — no unofficial clients, no grey-market BSPs, no shared number pools.
Meta's partner audit evaluates security practices, API usage compliance, data handling, and template quality scores. Partners are reviewed on an ongoing basis — not just at onboarding. Kliovo has held this status since January 2023.
Data Encrypted in Transit
All traffic between your browser, our servers, and WhatsApp uses TLS 1.3. API keys, webhook payloads, and customer messages never travel over unencrypted connections.
TLS 1.3 is the current industry standard for transport encryption, providing forward secrecy (each session uses a unique key) and resistance to downgrade attacks. HSTS headers enforce HTTPS on all Kliovo-owned domains.
Encrypted at Rest
Customer conversation data, contact records, and AI training entries are stored with AES-256 encryption. Database backups receive the same treatment. Encryption keys are managed separately from data.
AES-256 is the same standard used by financial institutions and government agencies. Key management uses envelope encryption — data keys are encrypted with master keys stored in a hardware security module (HSM), never alongside the data they protect.
Role-Based Access Control
Four permission levels — Owner, Admin, Agent, Super Admin. Agents see only the conversations assigned to them. Admins control what each role can read, edit, export, or configure.
Access control is enforced at the API level, not just the UI. An agent's API token cannot retrieve conversations outside their assigned scope, regardless of how the request is made. Role assignments are logged and auditable.
Full Audit Logs
Every login, data export, settings change, and AI training action is timestamped and attributed to a named user. The full audit trail is retained for 90 days and can be exported at any time.
Audit logs capture: who performed the action, what was changed (before and after values), when it happened, and from which IP address. Logs cannot be edited or deleted by any user — including Owners.
API Key Isolation
Each business gets its own API keys scoped to their account only. Keys can be rotated or revoked instantly from the settings panel — no support ticket required.
API keys are hashed before storage — Kliovo cannot recover a key after creation, only revoke and reissue. Keys have configurable scopes (read-only, webhook-only, full-access) so third-party integrations get the minimum permissions needed.
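The hash-only storage and scoped keys described under API Key Isolation can be sketched as follows. This is an added example, not Kliovo's code: the `key_<id>_<secret>` format, the in-memory `keyStore`, and the actions each scope permits are assumptions; only the three scope names come from the page.

```javascript
const nodeCrypto = require('node:crypto');

// Scope names come from the page; the actions each scope allows are assumed.
const SCOPE_ACTIONS = new Map([
  ['read-only', new Set(['read'])],
  ['webhook-only', new Set(['webhook'])],
  ['full-access', new Set(['read', 'write', 'webhook'])],
]);

// keyId -> { hash, accountId, scope, revoked }. The plaintext is never stored.
const keyStore = new Map();

// A fast hash is adequate here only because the secret is 256 random bits.
const sha256 = (text) => nodeCrypto.createHash('sha256').update(text).digest();

// Returns the plaintext key exactly once; afterwards it can only be revoked.
function issueKey(accountId, scope) {
  if (!SCOPE_ACTIONS.has(scope)) throw new Error(`unknown scope: ${scope}`);
  const keyId = nodeCrypto.randomBytes(8).toString('hex');
  const secret = nodeCrypto.randomBytes(32).toString('base64url');
  keyStore.set(keyId, { hash: sha256(secret), accountId, scope, revoked: false });
  return `key_${keyId}_${secret}`; // made-up key format for this example
}

// Revocation needs only the non-secret key id, so no plaintext is required.
function revokeKey(keyId) {
  const record = keyStore.get(keyId);
  if (record) record.revoked = true;
  return Boolean(record);
}

// True only if the key exists, is not revoked, hashes to the stored value,
// belongs to the requested account, and its scope covers the action.
function authorize(presentedKey, accountId, action) {
  const m = /^key_([0-9a-f]{16})_([A-Za-z0-9_-]{43})$/.exec(String(presentedKey));
  const record = m && keyStore.get(m[1]);
  if (!record || record.revoked) return false;
  if (!nodeCrypto.timingSafeEqual(sha256(m[2]), record.hash)) return false;
  return record.accountId === accountId && SCOPE_ACTIONS.get(record.scope).has(action);
}
```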

Meta compliance

WhatsApp policy enforced at the platform level.

Being a Meta Official Partner means Kliovo is audited for compliance — not just certified and forgotten. These WhatsApp Business Policy rules are enforced automatically by the platform. You cannot bypass them — which means your business cannot accidentally violate them either.

Official Meta Business Partner
Kliovo has held Meta Business Partner status since January 2023. This status is reviewed by Meta on an ongoing basis and requires maintaining quality scores, compliance standards, and API usage within policy guidelines.
Template approval
Every outbound message template used in campaigns must be reviewed and approved by Meta before it can be sent. Kliovo's platform enforces this — unapproved templates cannot be used in broadcasts or flows.
Opt-in enforcement
Kliovo's broadcast system blocks sending to contacts who have not explicitly opted in. This is enforced at the platform level — there is no override, regardless of account tier.
Quality score monitoring
Kliovo monitors your WhatsApp number's quality score in real time. If delivery rates drop or block rates rise, the platform pauses outbound sending and alerts the account Admin before Meta flags the number.
Rate limiting
Message sending rates comply with WhatsApp Business API tier limits per number. Kliovo manages tier progression automatically as conversation volume grows — no manual escalation required.
Webhook signature verification
Every incoming webhook from Meta is verified using the X-Hub-Signature-256 header. Unsigned or tampered payloads are rejected before processing — no unsigned webhooks reach the application layer.
Business verification requirement
All businesses connecting a WhatsApp number must complete Meta's Business Verification before sending any outbound campaigns. Kliovo guides this process but cannot bypass it.
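The check described under Webhook signature verification, as an added example (not Kliovo's code): Meta sends `X-Hub-Signature-256: sha256=<hex HMAC-SHA256 of the raw body>` keyed with the app secret. The secret, payload and `handleWebhook` shape below are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Returns true only when the header is "sha256=<64 hex chars>" and equals the
// HMAC-SHA256 of the exact raw request bytes under the app secret.
function verifyMetaSignature(rawBody, headerValue, appSecret) {
  if (typeof headerValue !== 'string') return false;           // unsigned request
  const match = /^sha256=([0-9a-f]{64})$/i.exec(headerValue.trim());
  if (!match) return false;                                    // wrong scheme or length
  const received = Buffer.from(match[1], 'hex');
  const expected = nodeCrypto.createHmac('sha256', appSecret).update(rawBody).digest();
  // Both buffers are 32 bytes at this point, so timingSafeEqual cannot throw.
  return nodeCrypto.timingSafeEqual(received, expected);
}

// Constructed sample values (not a real secret or a real Meta payload).
const SAMPLE_SECRET = 'constructed-app-secret';
const SAMPLE_BODY = Buffer.from('{"object":"whatsapp_business_account","entry":[]}');
const SAMPLE_HEADER = 'sha256=' +
  nodeCrypto.createHmac('sha256', SAMPLE_SECRET).update(SAMPLE_BODY).digest('hex');

// Hypothetical handler: headers is a plain object with lower-cased names.
function handleWebhook(rawBody, headers) {
  // Verify the raw bytes before JSON.parse; re-serialised JSON may not match.
  const header = headers['x-hub-signature-256'];
  if (!verifyMetaSignature(rawBody, header, SAMPLE_SECRET)) {
    return { status: 401, body: null };
  }
  return { status: 200, body: JSON.parse(rawBody.toString('utf8')) };
}
```

In a web framework the raw body must be captured before any JSON body parser runs, otherwise the bytes being verified are not the bytes that were signed.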

AI privacy

Your AI stays yours.

The intelligence ovo AI builds for your business is isolated to your account. What your AI learns from your customers never benefits a competitor — or any other business on the platform. These are architectural guarantees, not policy promises.

AI training is account-scoped
When an agent clicks "Train AI," that training entry is stored in your account's isolated knowledge base — not shared with other businesses, not used to train any shared model.
Knowledge namespaces are partitioned at the database level. Even in a multi-tenant architecture, one account's training data is architecturally inaccessible from another account's queries.
Customer memory is isolated per account
ovo AI's customer memory (names, preferences, order history, conversation context) is scoped entirely to your account. One business's customer data never influences another's AI responses.
Memory entries are tagged with a composite key: account ID + customer ID. A query from Account A cannot retrieve or influence memory entries belonging to Account B, even if both accounts are on the same infrastructure.
External AI calls strip PII
When a query requires an external LLM call, personally identifiable information (name, phone number, address, order ID) is stripped from the prompt before the API call is made.
PII stripping is applied before the generation layer, not inside it. The external model receives a sanitised context — enough to generate a relevant answer, but with no personally identifiable data that could be retained in model training.
AI decisions are auditable
Every AI response can be reviewed by account Admins — including which knowledge base entry matched, which layer handled the query, and whether it was escalated.
Audit records for AI decisions are stored for 30 days. They include: the incoming message, the matched knowledge entry (with confidence score), the generated response, and the escalation decision — if applicable.
Right to erasure
Customers can request deletion of their conversation history and contact record. Admins execute this from the contact panel. Deletion propagates to backups within 30 days.
Erasure requests affect: conversation threads, contact records, memory entries, and any AI training data that referenced that contact. Backups are rotated on a 30-day cycle, ensuring full propagation within that window.
AI never answers legal or medical questions
ovo AI is configured to escalate any query involving legal liability, prescription changes, diagnostic interpretation, or emergency medical situations immediately to a human, rather than generating an answer.
This is an enforced configuration, not a guideline. The escalation trigger for high-risk medical and legal language runs before the generation layer — so the AI cannot generate a response to these queries even if instructed to.

Access control

Role-based permissions.

Every team member has exactly the access they need — nothing more. Permissions are enforced at the API level, not just in the interface. Configure once, apply everywhere. No agent can exceed their role, regardless of how they access the platform.

Owner
  • Full account access across all settings
  • Billing and subscription management
  • Account deletion and data export
  • Create and remove all other roles
  • View all audit logs
Super Admin
  • All settings except billing
  • Create, modify, and remove Admins
  • Export all conversation and contact data
  • View full audit logs
  • Configure AI and automation flows
Admin
  • Manage agents and conversation assignments
  • Configure flows, AI knowledge base, and templates
  • View reports and analytics
  • No access to billing or account deletion
  • No access to Super Admin audit logs
Agent
  • View and reply to assigned conversation threads only
  • Add tags, notes, and quick replies
  • No access to settings, analytics, or AI configuration
  • No data export capability
  • Cannot access other agents' conversations
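
What "enforced at the API level" means for the roles above, as an added example that is not Kliovo's code. The four role names come from the page; the permission strings, the record shapes, the sample data and the assumption that Admins can read any conversation in their own account are hypothetical.

```javascript
// Role names are from the page; permission strings and record shapes are assumed.
const ROLE_PERMISSIONS = new Map([
  ['owner', new Set(['conversation:read:any', 'data:export', 'billing:manage'])],
  ['super_admin', new Set(['conversation:read:any', 'data:export'])],
  ['admin', new Set(['conversation:read:any'])],
  ['agent', new Set(['conversation:read:assigned'])],
]);

// Constructed sample data standing in for the database.
const CONVERSATIONS = new Map([
  ['c1', { accountId: 'acct-A', assignedAgentId: 'agent-1' }],
  ['c2', { accountId: 'acct-A', assignedAgentId: 'agent-2' }],
  ['c3', { accountId: 'acct-B', assignedAgentId: 'agent-9' }],
]);

// Deny by default: an unknown role or a missing permission yields false.
function can(principal, permission) {
  const granted = ROLE_PERMISSIONS.get(principal.role);
  return Boolean(granted && granted.has(permission));
}

// The principal is derived from the verified token, never from request parameters.
function getConversation(principal, conversationId) {
  const conv = CONVERSATIONS.get(conversationId);
  // Same answer for "missing" and "other tenant" so ids cannot be probed.
  if (!conv || conv.accountId !== principal.accountId) return { status: 404 };
  if (can(principal, 'conversation:read:any')) return { status: 200, conv };
  const assigned = conv.assignedAgentId === principal.userId;
  if (assigned && can(principal, 'conversation:read:assigned')) return { status: 200, conv };
  return { status: 403 };
}

// Export is a separate permission, so reading a thread never implies bulk export.
function exportData(principal) {
  return can(principal, 'data:export') ? { status: 200 } : { status: 403 };
}
```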

Infrastructure

The stack underneath.

Kliovo runs on infrastructure chosen for reliability, not novelty. Every component has a clear failure mode and a tested recovery path.

Hosting: AWS / GCP — multi-region with automatic failover
Database: PostgreSQL with point-in-time recovery (PITR)
Uptime SLA: 99.9% (scheduled maintenance windows excluded)
Real-time delivery: Pusher WebSockets — TLS-encrypted channels only
Background processing: 16 BullMQ workers with Redis queue persistence
CDN and DDoS protection: Cloudflare — WAF rules, rate limiting, bot mitigation
Automated backups: Daily snapshots, 30-day retention, encrypted at rest
Dependency scanning: Automated CVE scanning on every dependency update
Penetration testing: Annual third-party penetration tests
Incident response SLA: 72-hour notification to affected accounts for any breach

Common questions

Security FAQ.

Does Kliovo store my customers' WhatsApp messages?
Yes — conversation history is stored to enable AI context, agent handoff, and customer memory. All stored data is encrypted at rest (AES-256) and access-controlled by role. You can export or delete any contact's data at any time from the Admin panel.
Can I restrict which agents see which conversations?
Yes. Admins can assign conversations to specific agents. Agents only see threads assigned to them — this is enforced at the API level, not just in the UI. Team inbox access can be toggled per agent independently.
Where is my data stored geographically?
Primary data is stored on servers in the region closest to your business location. Data residency controls for specific regions (e.g. EU, GCC) are available on the Enterprise tier. Pakistani businesses are served from a regional cluster.
What happens if I cancel my subscription?
Your data is retained for 30 days post-cancellation. During this window you can export all conversation history, contacts, and AI training data in standard formats. After 30 days, all data is permanently and irreversibly deleted from our systems and backup rotation.
Does Kliovo use my data to train shared AI models?
No. Your AI training entries, customer conversation data, and contact records are never used to train models that serve other businesses. All AI learning is account-scoped — what your AI learns stays in your account.
Is Kliovo compliant with data protection regulations?
Kliovo's data handling practices are designed to align with GDPR principles (right to access, right to erasure, data minimisation, breach notification within 72 hours) and WhatsApp Business Policy. For businesses in regulated industries, a Data Processing Agreement (DPA) is available on request.
What happens if there is a security incident?
Affected accounts are notified within 72 hours of discovery. We follow responsible disclosure practices and coordinate with Meta where the incident involves the WhatsApp Business API. A full incident report is provided to affected accounts within 14 days of resolution.
Can I get a copy of my data?
Yes. Account Owners and Super Admins can export conversation history, contact records, and AI training data in CSV format from the settings panel at any time — no support request required.
Need a Data Processing Agreement?
A DPA is available for enterprise accounts and regulated-industry customers. Request one through your account dashboard or by contacting support.

Responsible Disclosure

Found a security issue?

We take every security report seriously. Contact us privately and we commit to: acknowledging your report within 48 hours, providing a status update within 5 business days, and resolving critical vulnerabilities within 7 days. We do not pursue legal action against good-faith security researchers.

[email protected]

Your customer data deserves better.

Book a walkthrough and we'll show you exactly how your data is stored, who can access it, how the AI isolation works, and how to lock things down further for your specific industry.