Security at Yalo

Yalo operates in a Secure Environment

Our systems are in a Virtual Private Cloud (VPC), with access secured by role based access control. All system updates are performed in a secure way by automated tools.

Your customer conversations are end-to-end encrypted

Privacy is part of our DNA. Messages are protected by the same Signal encryption protocol that secures messages on secure messaging platforms like WhatsApp, Signal, and Telegram. When customers message your Yalo business account, their messages are delivered securely to destinations chosen by you.

Conversational data is stored in a secure, encrypted data warehouse

By default, Yalo manages the cryptographic keys on your behalf using hardened key management systems. These systems include strict key access controls and auditing. Conversation data and metadata is encrypted under the Advanced Encryption Standard (AES).
Our security practices are built around industry norms like ISO 27001:2013. If you are a partner and would like more information please reach out to infosec@yalo.com.
Yalo implements Cloud Security controls in line with the SOC 2 security trust principles. Yalo is SOC 2 Type I and SOC 2 type II compliant.  If you are an existing or prospective customer or partner and would like to request a copy of Yalo’s SOC 2 report, please inquire by emailing infosec@yalo.com.

We use industry leading providers

In order to provide services, Yalo engages industry leading third-party service providers to carry out data processing activities to assist in providing the best possible service experience.

Our main third party services and sub-processors are:

Google Cloud: Cloud hosting and infrastructure provider hosting Yalo’s virtual compute environments, databases and analytics.

Amazon Web Services: Cloud hosting and infrastructure provider hosting Yalo’s virtual compute environments, customer integrations and third party connections.

Auth0: Identity and Access Management (IAM) provider for authenticating customers to Yalo’s platform services.WhatsApp/Facebook: Partners for receiving and delivering messages to end users.
*A full list of sub-processors and critical service providers are listed in the service description of Yalo’s SOC 2 type II report and can be shared upon request. If you are an existing or prospective customer or partner and would like to request a copy of Yalo’s SOC 2 report, please inquire by emailing infosec@yalochat.com

Your customers' privacy is our first priority

Yalo is committed to the preservation, protection and due use of personal data. Our platform is designed to ensure the privacy and security of end users while using our services. As a company committed to the security of our client's personal data, we implement and maintain physical, administrative and technical controls to safeguard data while in transit and at rest.
Platform functionalities, as well as integrations with other external applications, can be customized for each client. In this way we can meet the different safety and use requirements.
Contact security