Your clients' data, secured end-to-end

Encryption

Data in transit is protected with TLS. Data at rest uses industry-standard encryption on our cloud providers. Keys are managed according to provider best practices; we minimize sensitive data in logs and restrict access to production systems.

Data residency

Primary application and database hosting is in the United States unless otherwise agreed for your workspace. EU/UK residency options may be available for enterprise agreements — ask us when you're ready to standardize on a region.

Access controls

Team members only see workspaces they're invited to. Role-based permissions separate admin actions from day-to-day inbox work. Audit-style exports and admin tooling are built so agencies can align with their own client policies.

Compliance

We support customers who need DPA coverage and subprocessors lists. Specific legal terms live in our contracts; this page is a high-level overview.

FAQ

Is my data used for AI training?

We don't use your client message content to train public foundation models for third parties. Product AI features operate in the context of your workspace — see your agreement and DPA for the exact terms that apply to your plan.

Can I export my data?

Yes — exports and reporting flows are designed so agencies can hand materials to clients or archive work. Availability varies by plan; contact us if you need a bespoke export format.

What happens if I cancel?

You can export what you need before offboarding. We retain data only as long as required for the product and applicable law, then delete according to our retention schedule. Details are in our Privacy Policy and your order form.