HTTPS and sessions
Zenkoo is served over HTTPS in production and browser sessions use HttpOnly cookies, expiry, rotation, and server-side revocation.
Security and WhatsApp data
Zenkoo handles WhatsApp conversations, contacts, and sales context only to run the workspace you enable: shared inbox, pipeline, follow-ups, automations, reports, and team visibility.
Zenkoo uses connected WhatsApp data to display conversations, organize leads, assign owners, schedule follow-ups, and report on pipeline health. We do not sell customer conversations or use WhatsApp message content for advertising.
Zenkoo is served over HTTPS in production and browser sessions use HttpOnly cookies, expiry, rotation, and server-side revocation.
Protected requests check that the signed-in user can access the relevant WhatsApp account before returning conversations, files, or team data.
WhatsApp media is served through authenticated routes rather than public guessing URLs, with defensive headers and file validation.
Zenkoo processes messages from WhatsApp numbers you connect so the product can operate. Customers remain responsible for WhatsApp, Meta, privacy, and consent requirements.