Security & Compliance

Built from the ground up with enterprise security requirements in mind. Your data protection is our top priority.

Security Architecture

Database Isolation

Each customer organization gets a dedicated, isolated database. Your data is never co-mingled with other customers' data, eliminating cross-tenant data exposure risks.

Encryption

All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Database credentials are encrypted before storage using AES-256.

Audit Logging

Comprehensive audit trail of all actions including user access, configuration changes, and data operations. Logs are immutable and retained for compliance.

Access Controls

Role-based access control (RBAC) with granular permissions. Support for SSO integration and multi-factor authentication.

Infrastructure Security

Hosted on enterprise-grade cloud infrastructure. Regular security assessments and vulnerability scanning.

Data Processing

AI model providers do not train on your data. Conversation data is processed via API and subject to provider retention policies for safety monitoring, but is not used to improve their models.

Multi-Tenant Isolation

Unlike shared-database multi-tenant systems, each All Onboard customer receives a completely isolated database instance.

What This Means

  • Your data exists in a separate database from all other customers
  • No risk of data leakage through application bugs or misconfigurations
  • Independent backup and recovery per organization
  • Ability to meet data residency requirements

Data Stored Per Organization

  • • Conversations & messages
  • • AI agent configurations
  • • Knowledge base documents
  • • Operator accounts & permissions
  • • Escalation history
  • • Channel connections

Have Security Questions?

We're happy to discuss our security practices, complete security questionnaires, or schedule a call with our team.