Trust center

Security, privacy & reliability, in one place

Everything you need to evaluate Inno Message with confidence — our security posture, compliance controls, data handling and live service status.

Security

Defence-in-depth controls aligned to the OWASP Top 10.

Privacy

How we handle, store and delete personal data.

Status

Real-time service availability and uptime history.

Legal

Terms of service, cookie and refund policies.

Quick facts

  • Passwords hashed with bcrypt; sessions hardened & rotated on login
  • CSRF protection on every mutating action (HTTP 419 on mismatch)
  • PDO prepared statements everywhere — no raw SQL interpolation
  • Output escaped with htmlspecialchars to prevent XSS
  • TLS with certificate verification on all provider calls
  • HMAC-SHA256 verification of inbound Meta webhooks
  • Multi-layer audit logs (payments, messages, settings, logins)
  • Data access & deletion controls for GDPR-aligned operations
Sub-processors

Who helps us deliver

ProviderPurposeData processed
WhatsApp / MetaWhatsApp, Messenger & Instagram deliveryRecipient identifiers & message content
SendGridEmail delivery & event trackingRecipient email & message content
TwilioSMS delivery & status callbacksRecipient phone number & message content

You bring your own provider accounts — message content flows through the providers you configure.

Security questions or disclosures? Email [email protected]. We're happy to support vendor security reviews and questionnaires.