AI CHAT CONCIERGE
// SECURITY & COMPLIANCE

Enterprise-grade by default. Everything documented.

The security posture your IT team wants to see before you buy — data handling, encryption, access controls, and vendor list. Send this page to your CISO.

01

Data

Where it lives, how we treat it.

02

Access

RBAC + audit logs + Face ID.

03

Encryption

TLS 1.3 + AES-256 at rest.

04

Compliance

GDPR-ready + HIPAA-ready with BAA.

05

Operational

Daily patches, weekly restores, monthly audits.

06

Sub-processors

Every vendor that touches your data.

// 01 — DATA HANDLING

Where your data lives + how we treat it.

01

Where your data lives

Primary storage + hosting matches your compliance framework — regional deployment on request per instance. Sub-processors that touch data in flight (AI model, SMS carrier, etc.) are listed in §06 below and covered by DPA. Region + vendor details shared under NDA.

02

Your data stays yours

We never train foundation models on your conversations or KB. Your data powers your instance and nothing else. Export it any time — CSV, JSON, PDF. Delete it any time — full-purge in 30 days.

03

Retention you control

Set conversation retention per instance (30 / 90 / 365 days or indefinite). PII masking optional. GDPR right-to-erasure implemented per-contact + per-instance + account-wide.

04

Backups you can audit

Daily encrypted backups, 30-day retention, quarterly restore drills. Backup logs available on request under NDA.

// 02 — ACCESS + AUTH

Every action, attributable.

01

Role-based access

Superuser (you) · Admin (managers) · Operator (staff). Operators see only assigned instances. Every action logged with timestamp + user ID + IP.

02

SSO + 2FA

SAML / OIDC for enterprise. TOTP 2FA for individual accounts. Passwordless magic-link option available.

03

Face ID on operator app

Operator iOS + Android apps gate access via Face ID / Touch ID. Phone unlock alone does NOT reveal customer messages.

// 03 — ENCRYPTION

At rest. In transit. Everywhere.

01

TLS 1.3 in transit

Every customer message + every operator action rides TLS 1.3 with modern ciphers (X25519 + ChaCha20-Poly1305). Legacy TLS versions disabled.

02

AES-256 at rest

Databases, backups, and file uploads encrypted with AES-256-GCM. Encryption keys rotated quarterly, escrowed offline.

03

Secrets management

API tokens + integration credentials sealed via HashiCorp Vault. No plaintext secrets anywhere in the codebase or in support access.

04

BYO key (enterprise)

Enterprise customers can bring their own KMS keys (AWS KMS / Azure Key Vault / GCP KMS). We hold ciphertext only.

// 04 — COMPLIANCE POSTURE

The honest current state.

GDPR

GDPR-ready if you need it

Data-processing agreement available on request. Right-to-erasure per-contact / per-instance / account-wide. Audit trail retained for regulatory review. Turn it on per instance for EU customers.

US

US SaaS controls

Role-based access, per-instance data isolation, encrypted in transit + at rest, audit trail on every operator + admin action. Standard US SaaS controls for a Virginia LLC serving customers globally.

HIPAA

HIPAA on request

Not a covered entity by default. HIPAA-ready hosting available on request with a signed BAA — required for medical, dental, veterinary, and adjacent verticals handling PHI.

CERTS

No SOC 2 or ISO 27001 yet

We don't currently hold SOC 2 Type II or ISO 27001 certification. Procurement conversations that require formal certifications are handled during the demo call — we're transparent about what we do and don't hold.

// 05 — OPERATIONAL SECURITY

What we do so you don't have to.

DAILY

Automated dependency scans + patching

Renovate + Snyk run on every build. Critical patches applied within 24h; high within 7 days.

WEEKLY

Backup restore drills

One instance restored from the previous week's backup, checked byte-for-byte, then discarded. Reports available.

MONTHLY

Access audit

Every user + every role + every instance reviewed. Stale accounts revoked. Sub-processor SLAs revisited.

ONGOING

Incident response

24/7 on-call rotation for security incidents. Public status page. Under GDPR Art. 33, we notify the supervisory authority within 72 hours; under Art. 34, we notify affected individuals without undue delay when the breach poses a high risk.

// 06 — SUB-PROCESSORS

Every vendor that touches your data.

AI

Anthropic (Claude API)

Language-model provider. Conversation content sent to Anthropic for response generation. Zero-retention API mode enabled — Anthropic does not store or train on your data.

MAIL

SendGrid (transactional email)

Transactional email delivery — confirmations, invoices, password resets, notifications. DPA in place.

HOST

Application hosting

Cloud hosting across AWS, OVH, and Hetzner. Region details shared under NDA. Regional deployment on request per instance.

CDN

Cloudflare (DNS + WAF + CDN)

DDoS protection, edge caching, web application firewall. Sets an essential __cf_bm cookie for bot management. No customer message content stored at the edge.

MAPS

Google Cloud (Maps + Weather) — optional

Enabled for geo-aware answers (distance, live weather, GPS pins). Instance-scoped, no personal data forwarded. Turnable off per instance.

IMG

Freepik (AI image generation) — optional

Optional AI image generation for the WordPress plugin content tools. Not used by the chat runtime. Turnable off per instance.

SMS

Twilio (admin 2FA + optional SMS)

Used for operator + admin two-factor authentication codes. Not used for customer WhatsApp routing. If SMS as a customer channel is enabled for your instance, Twilio also carries that traffic — DPA in place.

META

WhatsApp / Meta — transit only

Messages flow through WhatsApp's network the same way any WhatsApp Web session does. No data-processing agreement with Meta, no Meta Business API contract. Bridge model: operator scans a QR from your dashboard, WhatsApp installed on their phone acts as a linked device — same mechanism as WhatsApp Web.

US-hosted by default · Regional on request TLS 1.3 · Modern ciphers only AES-256 at rest · Quarterly key rotation SSO + 2FA · SAML + TOTP Face ID gated ops app Data export always included · CSV / JSON / PDF Per-instance data isolation GDPR-ready DPA on request HIPAA-ready with BAA on request Audit trail on every read

Send this page to your security team.

Or request the full security pack — DPA, sub-processor list, penetration test summary, backup logs — under NDA.