How We Protect Your Data
Multiple layers of security ensure your data and your customers' data remain safe.
Encryption Everywhere
All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Your data is never stored in plain text.
Data Isolation
Each customer's data is logically isolated. Your data is never shared with other customers or used for training.
Access Controls
Role-based access control, multi-factor authentication, and detailed audit logging for all administrative actions.
SOC 2 Type II
We maintain SOC 2 Type II compliance with annual audits by independent third-party assessors.
Privacy by Design
We collect only the data necessary to provide the service. You control data retention and deletion.
Incident Response
24/7 security monitoring with documented incident response procedures and customer notification protocols.
Data Handling Practices
Transparency in how we handle, process, and protect your information.
What Data We Collect
- •Product catalog information (synced from your store)
- •Customer conversation logs (for analytics and improvement)
- •Aggregated usage metrics (for billing and optimization)
- •Account information (email, company name, billing details)
What We Don't Do
- •We never sell your data to third parties
- •We never use your data to train models for other customers
- •We never access your data without explicit permission
- •We never store payment card details (handled by Stripe)
Your Control
- •Export all your data at any time
- •Delete your account and all associated data
- •Configure data retention periods
- •Choose your hosting region (where available)
AI Usage & Boundaries
Clear guidelines on how AI processes and uses your data.
AI Processing
Our AI processes your product catalog and customer conversations to provide intelligent responses and recommendations.
Processing happens in real-time and data is not stored beyond what's necessary for analytics and service improvement.
You can configure what data the AI has access to and set boundaries on topics it can discuss.
Model Training
Your data is never used to train AI models that serve other customers.
We use pre-trained foundation models and fine-tune them exclusively for your store's context.
Enterprise customers can opt for completely isolated model deployments for additional security.
Infrastructure & Hosting
Built on industry-leading cloud infrastructure with security at every layer.
Cloud Provider
Hosted on AWS with SOC 2, ISO 27001, and other certifications
Data Centers
US, EU, and APAC regions available for data residency requirements
Uptime SLA
99.9% uptime guarantee with redundancy and automatic failover
Enterprise Security Options
Additional security features available for enterprise customers.