Security and access controls you can rely on.
Tenant isolation, RBAC, audit trails, and AI safeguards built in from day one — not bolted on later.
Access controls and isolation.
Every layer of the platform is designed with your data safety in mind.
Role-based access control
Access managed by role across knowledge, agents, analytics, and billing. Each member sees only what they need.
Tenant isolation
Data is isolated by tenant at the database level. Nothing crosses company or brand boundaries.
Audit trail
Every response, handoff, knowledge edit, and permission change is logged. Full trail for compliance and security reviews.
We only store what we need.
UK-based infrastructure. Data minimisation by design.
Data minimisation
Only data required to operate the service is collected and retained.
Tenant-level separation
Strict separation across all stores and brands. Customer data never crosses tenant boundaries.
Retention controls
Retention periods are defined per plan. Deletion requests handled in line with GDPR.
Safety by design. Not just by policy.
The AI operates within defined boundaries at all times — and hands off when it reaches them.
Grounded answers only
Answers from your approved knowledge and policies only. The AI cannot go beyond the scope you define.
Confidence threshold and fallback
When confidence drops below threshold, the agent falls back safely rather than guessing.
Human handoff with context
Complex queries escalate to a human with the full transcript. No repeated questions, no lost context.
Scoped knowledge per agent
Each agent operates within its own knowledge scope. Brand A customers never receive Brand B answers.
No model training on your data
Your conversations and knowledge base are never used to train shared models. Your data stays yours.
Admin approval workflow
Knowledge edits and config changes can require approval before going live.
Trust and security questions.
Where is data stored?
Stored with vetted cloud providers, isolated by tenant. Specific hosting regions confirmed on request.
How do you control access?
RBAC and tenant isolation protect all data. Access is granted by role and restricted at the database level.
Do you train models on customer data?
No. Your data is used only to operate your service, never to train shared models.
How do you handle incident response?
Documented detection and containment processes. Affected customers notified promptly under GDPR.
Can we request data deletion?
Yes. We can execute deletion requests in line with your contract and applicable data protection law including UK GDPR.
What audits do you support?
Audit-friendly logs, access records, and documentation available for security and vendor reviews.