Our platform was designed with security and privacy as a core priority from day one. We apply the best technical practices to protect customer data and continuously develop our security capabilities.
Last updated: February 2026
Data Protection
All communications encrypted using TLS 1.3
Data at rest encrypted using AES-256
Encrypted and secured backups
Full data export available at any time
Data Sovereignty
Your data belongs to you — we never sell or share it
Immediate data deletion upon request
Designed to align with Saudi Data Protection Law (PDPL)
Access Control
Two-factor authentication (2FA) for administrative accounts
Role-based access (Admin, Manager, Agent)
Active device and session tracking
Automatic session timeouts after inactivity
Access restriction via IP allowlisting
AI & Privacy
Your data is never used to train any AI model — ever
Each request is processed independently and in isolation
Full control to disable AI processing for any conversation at any time
Monitoring & Audit
Audit logs for all sensitive actions
Login attempts and change tracking
Protection against abuse and attacks via rate limiting
Application Security
Protection against XSS and CSRF attacks
Platform-wide security headers
Immediate revocation of suspicious sessions
Incident Response
A dedicated team prepared to respond to security incidents