Security
Built for tenant-safe WhatsApp customer service.
talkady processes customer conversations, phone numbers, business tool responses, and WhatsApp account credentials with strict tenant isolation and managed operational controls.
Tenant isolation
Every tenant-scoped record is tied to a tenant ID. Tenant requests are authenticated with JWT and bound to the tenant subdomain before data is returned.
Encrypted secrets
WhatsApp tokens, tool auth secrets, and customer API keys are encrypted at rest with AES-256-GCM. Plaintext secrets are used only in memory during an authorized request.
Secure transport
Production traffic uses HTTPS/TLS. WhatsApp webhooks are received on a public HTTPS endpoint and processed by the backend service.
Access control
talkady uses role-based access across landlord staff, tenant admins, and tenant teammates. Public self-registration is not enabled.
AI boundaries
AI replies are scoped to the tenant's business context. The assistant escalates uncertain, sensitive, or account-specific questions when the required lookup tools are unavailable.
Deletion
Customers can request workspace deletion and end users can request deletion through the business or by contacting talkady privacy support.