Data Security
How we protect your business and customer information.
We prioritize security. Since we serve as a bridge between your core systems and Meta, we implement industry-standard security protocols to keep your data safe.
1. Encryption Standards
- Encryption in Transit: All traffic flowing between our user dashboard, our backend servers, and Meta's API endpoints is encrypted using TLS 1.3 protocols.
- Encryption at Rest: All tenant databases, conversation histories, and uploaded media are stored on AWS servers encrypted with AES-256 standards.
2. Row-Level Tenant Isolation
We host our infrastructure using PostgreSQL on Supabase. To prevent accidental cross-tenant data leaks:
- RLS Policies: Row-Level Security (RLS) is enabled on all core tables (e.g. Contacts, Messages, Tenants).
- Database Partitioning: Every query executed by our servers is context-bound to the logged-in user's Tenant ID. One tenant's code cannot read or modify another tenant's rows under any circumstances.
3. API Key & Auth Safety
- Access Token Rotation: Dashboard login sessions are authenticated using OAuth tokens with a 1-hour expiry window, refreshing automatically in the background.
- API Credentials: Developer keys generated on the dashboard are salted and hashed. We never store raw API keys in plain text in our databases.
- Payment Security: We do not store credit card or bank credentials. All payment processing is handled securely by Paystack and Stripe, both compliant with PCI-DSS Level 1 standards.
Was this page helpful?