Prohibited: illegal content; CSEA/terrorism/violence/hate; IP/confidentiality violations; phishing/fraud/spam; malware/defense bypass; personal‑data harvesting without rights; harmful/weapon/drug instructions; sanctions evasion; crypto‑mining/bot‑farms without permission; shared logins.
WhatsApp‑specific prohibitions:
- Sending messages without valid prior opt‑in from the recipient (as required by WhatsApp Business Policy);
- Transmitting full payment card numbers (PCI DSS), financial account numbers, or national identity numbers via WhatsApp messages;
- Sharing or combining end‑user data received from one WhatsApp conversation with data from another customer/tenant (cross‑client data isolation);
- Using WhatsApp Business API for purposes prohibited by Meta Commerce Policy, including illegal products, tobacco, drugs, weapons, and adult content;
- Initiating or facilitating bulk unsolicited messaging (spam) through WhatsApp channels.