Security

Last updated: September 20th, 2025

At Bot On Site we design for safety and reliability first. This page summarizes how we protect your data and the data your website visitors share with our AI receptionist.

Overview

  • Hosting & infrastructure (USA): Vercel (application hosting & CDN), Supabase (managed Postgres + auth), Fly.io (background workers and long-running jobs).
  • Messaging & email: Twilio (SMS, where enabled), SendGrid (email).
  • Payments: Stripe (customer portal, billing).
  • Model providers: Voyage and OpenAI (embeddings and LLM inference). We use these providers under settings and terms that exclude your prompts, transcripts and outputs from model training.
  • See current vendors and regions on our /legal/subprocessors page.

Data flow (high level)

  1. Your site loads our script.
  2. Visitor messages are sent over TLS to our API.
  3. We process the request (rate limiting, safety filters), call the model provider, and return a response.
  4. If lead capture is enabled, we store contact details + transcript in your dashboard.

Encryption

  • In transit: TLS 1.2+ for all client ↔ server and server ↔ provider connections.
  • At rest: Encryption on Supabase storage and managed Postgres volumes; encrypted backups.

Access controls

  • Principle of least privilege across cloud accounts.
  • SSO/MFA enforced for employees; per-service role-based access.
  • Production data access is restricted and logged; access is granted for support/debug with explicit approval and automatically revoked.

Application security

  • Input validation and output encoding; a Content Security Policy (CSP) and other HTTP security headers where applicable.
  • Session management with short-lived tokens; CSRF protection on dashboard forms.
  • Rate limiting and abuse controls on public endpoints.
  • Secrets managed via provider KMS/secure env storage; no secrets committed to source control.
  • Regular dependency updates with automated software composition analysis (SCA) for known-vulnerable packages, and code review before deploys.
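The "rate limiting and abuse controls on public endpoints" above, and the rate-limiting step in the data flow section, are stated but not shown. The following token-bucket limiter is an added example written for this page and is not Bot On Site's own code. It assumes a key of customer site ID plus visitor IP, a hypothetical limit of 20 messages refilling at one every 3 seconds, and an edge proxy that appends the client address to X-Forwarded-For; all three are illustrative assumptions, and the `req` shape mirrors a Node.js HTTP request.

```javascript
// Added example (not Bot On Site's code): token-bucket rate limiting for a
// public chat endpoint. Limits, key scheme and proxy behaviour are assumptions.

function createRateLimiter({ capacity, refillPerSec, now = () => Date.now() }) {
  const buckets = new Map(); // key -> { tokens, updatedAt }

  // Top the bucket up according to the time elapsed since it was last touched.
  function refill(bucket, t) {
    const elapsedSec = Math.max(0, t - bucket.updatedAt) / 1000;
    bucket.tokens = Math.min(capacity, bucket.tokens + elapsedSec * refillPerSec);
    bucket.updatedAt = t;
  }

  // Try to spend `cost` tokens for `key`. Returns whether the request may
  // proceed, how many whole tokens remain, and how long to wait if refused
  // (suitable for a Retry-After header).
  function check(key, cost = 1) {
    const t = now();
    let bucket = buckets.get(key);
    if (!bucket) {
      bucket = { tokens: capacity, updatedAt: t };
      buckets.set(key, bucket);
    } else {
      refill(bucket, t);
    }
    if (bucket.tokens >= cost) {
      bucket.tokens -= cost;
      return { allowed: true, remaining: Math.floor(bucket.tokens), retryAfterMs: 0 };
    }
    const deficit = cost - bucket.tokens;
    return { allowed: false, remaining: 0, retryAfterMs: Math.ceil((deficit / refillPerSec) * 1000) };
  }

  // Drop buckets idle longer than maxIdleMs so an attacker spraying many
  // source addresses cannot grow the map without bound. Returns the count removed.
  function prune(maxIdleMs) {
    const t = now();
    let removed = 0;
    for (const [key, bucket] of buckets) {
      if (t - bucket.updatedAt > maxIdleMs) {
        buckets.delete(key);
        removed += 1;
      }
    }
    return removed;
  }

  return { check, prune, size: () => buckets.size };
}

// Key traffic by customer site and visitor address, so one abusive visitor
// cannot exhaust another customer's quota. Only the address appended by a
// proxy you control is trustworthy; this takes the last X-Forwarded-For entry
// on the assumption that the edge appends it, and falls back to the socket.
function clientKey(siteId, req) {
  const header = req.headers['x-forwarded-for'] || '';
  const entries = header.split(',').map((s) => s.trim()).filter(Boolean);
  const ip = entries.length ? entries[entries.length - 1] : (req.socket && req.socket.remoteAddress) || 'unknown';
  return `${siteId}:${ip}`;
}

// Replay a burst of `count` messages from one visitor against a fixed clock
// and return the per-message decisions, so the cut-off point is visible.
function simulateBurst(count, capacity = 20, refillPerSec = 1 / 3) {
  const limiter = createRateLimiter({ capacity, refillPerSec, now: () => 0 });
  const req = { headers: { 'x-forwarded-for': '198.51.100.7' } }; // constructed request
  const key = clientKey('site_demo', req);
  const decisions = [];
  for (let i = 0; i < count; i += 1) decisions.push(limiter.check(key).allowed);
  return decisions;
}

console.log(simulateBurst(22)); // 20 x true followed by 2 x false
```

Per-instance memory like this only limits one serverless instance; across a fleet the buckets need a shared store (the page does not say which), but the arithmetic and the keying decision are the same.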

Data retention & deletion

  • Retention is configured in your dashboard, and you can delete individual conversations and leads at any time.
  • Account-level deletion requests are supported (see Data Requests).
  • Backups are retained for disaster recovery on a rolling basis and are encrypted.

Business continuity

  • Multi-AZ cloud infrastructure with automated scaling and health checks.
  • Continuous monitoring and alerting; on-call coverage for incidents.

Incident response

  • Triage within hours, containment/eradication as needed, and post-mortem with corrective actions.
  • Where legally required, we notify affected customers without undue delay (e.g., the processor-to-controller duty in GDPR Art. 33(2), and Art. 34 where data subjects must be informed).

Responsible disclosure

If you believe you've found a security issue, email security@botonsite.com with details and steps to reproduce. Please avoid data destruction or service disruption. We review all good-faith reports and will keep you updated.

Compliance posture

  • We support DPA execution and list our Sub-processors publicly.
  • We are not a HIPAA covered entity or business associate, and we are not a PCI DSS-assessed payment processor (card payments are handled by Stripe); please do not submit PHI or payment card data via the widget. Contact us for regulated needs.

Contact: security@botonsite.com