Built on Trust.
Security isn't a feature; it's our foundation. We provide the guardrails you need to deploy AI across your organization safely.
Data Isolation
Every tenant operates in a logically isolated environment. Your site data, logs, and custom prompts never bleed into other accounts.
Provider Security
Channel API keys are encrypted at rest using AES-256. Your keys are never exposed to the browser or returned in API responses.
Transparent Logging
You have full visibility into every request. Audit logs help you track access and monitor for any suspicious activity.
Regional Residency
Our infrastructure is optimized for data residency requirements, with processing nodes available in key global regions including Africa.
What We Protect
We encrypt what matters and are transparent about the rest.
Channel API keys
AES-256 encrypted at rest
OAuth tokens
AES-256 encrypted at rest
Passwords
bcrypt hashed, never stored plain
Site exports
AES-256-CBC + HMAC signed
Data in transit
TLS via HTTPS
Conversation messages
Stored plain — not encrypted at rest
Infrastructure
Our gateway runs on a dedicated server with automated deployments. We monitor uptime actively and apply security patches on a rolling basis.
Access Control
- Role-Based Access Control (RBAC) — admin and tenant roles are strictly separated.
- Each tenant is logically isolated; no cross-account data access is possible.
- Channel API keys are scoped per site and encrypted at rest.