Security at QuickWise

Your data is the foundation of your AI chatbot. We take its protection seriously with enterprise-grade security at every layer.

Encryption in Transit

All data in transit is encrypted using TLS 1.3. Every connection between your browser, our servers, and third-party services is secured end-to-end.

GDPR Compliant

We are fully GDPR compliant. You can access, export, or delete all your personal data at any time. We maintain detailed records of consent and data processing activities.

Secure Authentication

API tokens are scoped and revocable. Access to production systems requires multi-factor authentication and follows the principle of least privilege.

Data Ownership

You own your data. We never sell, share, or use your content for purposes other than providing the service. Delete your account and all data is permanently removed within 90 days.

AI Data Handling

Your data is never used to train AI models. We use OpenAI's API with data processing agreements that guarantee your content is not retained or used for model training.

Infrastructure

Our infrastructure is hosted on enterprise-grade cloud providers with automated backups and DDoS protection. All systems are monitored 24/7.

Security Practices in Detail

Data Storage and Encryption

All data in transit is protected with TLS 1.3. Database backups are stored in geographically separate locations. Access to production systems requires multi-factor authentication and is restricted to essential personnel only.

Access Controls

We follow the principle of least privilege. Team-based access controls ensure that your data is only accessible to authorized members of your organization. All access is logged and auditable. API tokens can be scoped and revoked at any time.

Data Processing with OpenAI

When your chatbot processes a query, relevant document chunks are sent to OpenAI's API to generate a response. OpenAI does not use API data for model training. We maintain a Data Processing Agreement (DPA) with OpenAI that ensures your data is handled in compliance with GDPR and other applicable regulations.

Data Deletion

When you delete documents, conversations, or your entire account, the data is soft-deleted immediately (no longer accessible) and permanently purged from all systems within 90 days. You can export all your data at any time in JSON or CSV format before deletion.

Incident Response

We maintain a documented incident response plan. In the event of a security incident, affected users will be notified within 72 hours as required by GDPR. Our team monitors for security threats 24/7 and maintains updated security patches across all systems.

Questions about security?

Read our Privacy Policy and Terms of Service for complete details, or contact us at security@quickwise.ai.

Get Started Free