Encryption in transit
All client traffic is served over TLS 1.2+. Internal API calls and database connections use TLS as well. HSTS is enabled for botdock.io.
BotDockTrust & Security
How we protect your customers' conversations and your team's workspace.
The controls below describe the current production state of BotDock. We update this page when the underlying control changes — bookmark it or pass the URL to your security team.
Security commitments
What we do, every day, to keep your data safe.
Encryption at rest
Customer data is stored in AWS RDS (PostgreSQL) and S3 with AES-256 encryption. Object storage uses server-side encryption with managed keys.
Authentication & access
Sign-in supports password (bcrypt-hashed) and Google OAuth 2.0. Auth tokens are issued as HttpOnly, Secure, SameSite cookies with rotation. Cloudflare Turnstile gates account creation against automated abuse.
Tenant isolation
Every workspace is isolated by tenant ID at the database row level. API keys, bots, conversations, and uploads are scoped per tenant; cross-tenant access is impossible by design, not by policy.
Role-based access control
Workspaces support per-user roles with granular permission strings. Sensitive operations (billing, key rotation, member invites) are gated to Owner / Admin roles.
Audit logging
Auth events, key issuance, role changes, and bot configuration changes are written to an append-only audit log retained for at least 90 days.
Backups & recovery
Database backups run daily with point-in-time recovery via AWS RDS. Recovery Point Objective (RPO) is 24h; Recovery Time Objective (RTO) is 4h for the production tier.
Vulnerability management
Dependencies are scanned via GitHub Dependabot. Container images are scanned at push time. Critical patches ship within 7 days; high-severity within 30.
Compliance posture
Where we are today and what's next.
GDPR-aware data flow
In place
Cookie consent via Cookiebot, Consent Mode v2, data deletion on request, Standard Contractual Clauses available on request.
SOC 2 Type II
Roadmap
Controls being implemented; targeting first audit window in 2026.
ISO/IEC 27001
Future
Evaluated for EU/Middle East enterprise customers post-SOC 2.
HIPAA
Not applicable
BotDock is not a HIPAA-covered platform. Do not store PHI in conversation transcripts.
PCI DSS
Out of scope
BotDock does not process or store cardholder data. Stripe handles payment information directly.
Sub-processors
Vendors we use to deliver the service.
Vendor
Purpose
Region
Amazon Web Services
Compute, database, storage, email (SES)
us-east-1 (default)
Cloudflare
DNS, CDN, Turnstile bot protection
Global
Google
OAuth identity provider for sign-in
Global
Stripe
Payment processing and subscription billing
US
Microsoft Clarity
Heatmaps and session recordings (consent-gated)
Global
Google Analytics 4 / Tag Manager
Web analytics (consent-gated)
Global
Cookiebot (Usercentrics)
Cookie consent management
EU
We notify customers via email at least 30 days before adding a new sub-processor that processes customer data. Email [email protected] to subscribe to that list.
Data processing
Documents and contacts.
Data Processing Agreement
Our DPA is available on request to customers on any paid plan. It includes Standard Contractual Clauses for international data transfers. Email [email protected].
Privacy & data deletion
Read our privacy policy for what we collect and why. Workspace owners can delete their entire tenant from the dashboard; raw conversation data is purged within 30 days.
Security disclosure
Found a vulnerability? Email [email protected]. We acknowledge reports within 1 business day and fix critical findings within 7 days. We do not currently run a paid bug bounty.
Status & incidents
Production incidents that affect customer-facing functionality are communicated by email and on this page. Sustained-availability monitoring is published once we leave preview.
Need something specific for your security review?
Email [email protected] with the questionnaire or section you need to complete and we'll respond within 2 business days.