Security & Compliance
MoyoChat is built with security and privacy as foundational principles. Your data stays in Australia, is encrypted everywhere, and is never used for AI training. This page details our active controls and compliance posture.
Last updated: April 2026
Infrastructure Security
Enterprise-grade infrastructure with Australian data residency.
Australian Data Residency
All data is hosted in the AWS Sydney region (ap-southeast-2). Your data never leaves Australia unless you explicitly enable an international AI provider.
Encryption in Transit
All connections use TLS 1.2 or higher. HTTP requests are automatically redirected to HTTPS.
Encryption at Rest
All stored data is encrypted with AES-256. File uploads use S3 server-side encryption. Database backups are encrypted.
Edge Network
Frontend is served via Vercel Edge Network with built-in DDoS protection and automatic SSL certificate management.
Application Security
Multiple layers of protection built into every request.
Multi-Tenant Isolation
Row-Level Security (RLS) policies on every database table ensure complete data isolation between organisations. Each query is automatically scoped to the authenticated organisation.
Role-Based Access Control
Four permission levels (Owner, Admin, Member, Agent) control who can access what within each organisation. Permissions are enforced at the API level.
Domain Restriction
Chat widgets only respond to requests from registered domains. Requests from unauthorised origins are rejected.
Input Validation
All API inputs are validated using schema-based validation (Zod and class-validator). SQL injection is prevented via parameterised queries.
Audit Logging
Key account actions (login, settings changes, data access, deletions) are logged with actor, timestamp, and action details.
Rate Limiting
Public-facing endpoints (chat, lead capture) are rate-limited to prevent abuse. Dashboard APIs use authenticated rate limits.
AI & Data Processing
How we handle your data when processing AI responses.
No AI Training on Your Data
Your data is never used to train, fine-tune, or improve AI models. We use Anthropic Claude via AWS Bedrock, which provides zero-retention AI processing.
Retrieval-Augmented Generation (RAG)
The chatbot only answers from your published content. It does not generate answers from general knowledge, reducing hallucination risk.
Grounding Enforcement
Strict grounding mode ensures the AI cites specific content from your knowledge base. When no relevant content exists, it directs visitors to contact you.
Your Data Rights
Full control over your data, with export and deletion available at any time.
Data Export
Export all your data at any time via the dashboard or API. We support JSON export for full data portability (GDPR Article 20).
Data Deletion
Request complete deletion of your data via dashboard or API. We process deletion requests within 30 days (GDPR Article 17).
Data Retention
Configurable retention periods. Defaults: conversations (90 days), knowledge base (30 days after deletion), account data (30 days after closure).
Consent Management
Lead capture forms include configurable consent checkboxes with timestamped records. AI disclaimer toggles are available for the chat widget.
Compliance
Our compliance posture across industry frameworks.
GDPR
Ready: Supports data export, deletion, and consent management. Designed with GDPR principles in mind.
Australian Privacy Act
Aligned: Designed with Australian Privacy Principles in mind. Australian data residency by default.
CCPA / CPRA
Ready: Supports data access and deletion requests.
WCAG 2.1 AA
Aligned: Dashboard and chat widget built with semantic HTML, ARIA roles, keyboard navigation, and screen reader support.
OWASP Top 10
Aligned: Secure development practices addressing injection, broken auth, XSS, and other OWASP categories.
ISO 27001
Aligned: Information security policies, access controls, incident response plan, and risk management processes in place.
SOC 2
In Progress: Working toward SOC 2 Type 1 certification covering Security, Availability, and Confidentiality trust service criteria.
Sub-processors
We maintain a list of third-party services that process data on behalf of our customers.
Security Questions?
If your team requires a security questionnaire, DPA, or has specific compliance questions, reach out and we will respond within 2 business days.