Our Commitment to Security

At SiteAgent, we take the security of your data and our platform extremely seriously. We understand that you entrust us with valuable information when you use our Services to build and manage AI chatbots, and we are committed to implementing robust security measures to protect that trust.

Key Security Practices

• Data Encryption

  All data transmitted between you and SiteAgent, and between our servers and integrated services, is encrypted using industry-standard Transport Layer Security (TLS). Data at rest, including your chatbot configurations and training data stored within our Supabase infrastructure, is also encrypted to protect its confidentiality.

• Infrastructure Security

  Our platform is built on Vercel and Supabase, reputable cloud infrastructure providers that maintain high standards of physical and network security. This includes measures against unauthorized access, DDoS protection, and regular infrastructure audits.

• Application Security

  We follow secure coding practices and conduct regular code reviews. Our development lifecycle includes considerations for security at each stage. We also aim to perform regular vulnerability assessments and penetration testing to identify and remediate potential security weaknesses in our application.

• Access Controls

  Access to your account and data within SiteAgent is protected by authentication mechanisms. We implement role-based access controls internally to ensure that only authorized personnel have access to sensitive systems and data, based on the principle of least privilege.

• Chatbot Data & Integrations

  You control the data used to train your chatbots and the integrations you configure. We provide tools for managing this data, and we encourage you to follow best practices for securing API keys and sensitive information used in your integrations. SiteAgent does not access your integrated third-party accounts beyond what is necessary to provide the configured service.

Your Role in Security

While we implement comprehensive security measures, maintaining the security of your SiteAgent account and the data you manage also depends on your actions. We encourage you to:

• Use strong, unique passwords for your SiteAgent account and change them regularly.
• Be cautious about phishing attempts and ensure you are on the official SiteAgent domain before entering credentials.
• Securely manage any API keys or credentials used for integrating third-party services with your chatbots.
• Regularly review the access permissions and data shared with your chatbots.
• Inform your end-users about how their data is processed by your chatbots, in line with your own privacy commitments.

Incident Response

In the event of a security incident affecting your data, SiteAgent is committed to responding promptly and transparently. Our incident response plan includes steps for containment, eradication, recovery, and post-incident analysis. We will notify affected users in accordance with applicable laws and our contractual obligations.

Reporting Vulnerabilities

We value the work of security researchers and the broader security community. If you believe you have discovered a security vulnerability in our Services, please report it to us immediately at security@siteagent.eu. We are committed to investigating all legitimate reports and taking appropriate action to address them.

Continuous Improvement

Security is an ever-evolving landscape. SiteAgent is dedicated to continuously reviewing and enhancing our security practices, technologies, and policies to adapt to new threats and ensure the ongoing protection of your data.