Whatsapp is a messaging app owned by Facebook since 2014. While it was for a long time unencrypted, whatsapp now offers End-to-end encryption by default and rely on the Signal protocol to do so, a largely audited and recognized protocol maintained by Open Whisper Systems and used in other messaging apps such as Signal. In that regard, Whatsapp is one of the safest options to communicate privately as it cannot access the content of your conversations.
However, whatsapp still collects metadata such as who you are talking to, at what time and from device. This still represent a great quantity of information and should be considered when using the app.
Whatsapp offers some security features which are good to enable. It's also worth reviewing the permissions given to the app. This guide looks at fingerprint lock, security notifications, Whatsapp web and app permissions.
Protecting your account starts with configuring the settings of your Whatsapp account to tighten your privacy and limit risks. This guide addresses backups, the primary risk in Whatsapp, profile visibility and two factor verification