
Security Settings and Data Protection Guide

01.06.2026 | 31 reads | Platform Admin

Enterprise Security and GDPR Compliance Standards

Our platform is designed to meet enterprise security requirements. Your data, passwords, and chats are protected by multiple layers of security.

Military-Grade Encryption (AES-256-GCM)

The passwords of the corporate email accounts you connect are never stored as plain text in our database. All passwords are encrypted with the AES-256-GCM algorithm before they are written to the database, so they cannot be read without the encryption key. Company user passwords are hashed using the one-way bcrypt algorithm.

Multi-Tenant Isolation and SQL Security

Our database uses a multi-tenant architecture. In our SQL queries, every company record is filtered by the company_id parameter. This ensures no company's data leaks into another company's session. Cross-site request forgery (CSRF) is completely prevented with CORS and CSRF token protections.
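The company_id filtering described above, sketched as an added example that is not the platform's own code. The `chats` table, its other columns, and all function and class names are assumptions; it contrasts a lookup by row id alone with one that always binds the session's company_id.

```python
import sqlite3

def make_db():
    # Constructed sample data: two tenants, one chat each (hypothetical schema).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE chats (id INTEGER PRIMARY KEY, "
               "company_id INTEGER NOT NULL, body TEXT)")
    db.executemany("INSERT INTO chats (id, company_id, body) VALUES (?, ?, ?)",
                   [(1, 10, "tenant 10 chat"), (2, 20, "tenant 20 chat")])
    return db

def get_chat_unscoped(db, chat_id):
    # Weak form: filters on the primary key only, so a row belonging to
    # another company is returned to whoever supplies its id.
    return db.execute("SELECT body FROM chats WHERE id = ?",
                      (chat_id,)).fetchone()

class TenantScope:
    """Binds company_id once, from the server-side session, not from request input."""

    def __init__(self, db, company_id):
        self._db = db
        self._company_id = int(company_id)

    def get_chat(self, chat_id):
        # Every statement carries the company_id predicate as a bound parameter.
        return self._db.execute(
            "SELECT body FROM chats WHERE id = ? AND company_id = ?",
            (chat_id, self._company_id)).fetchone()

    def list_chats(self):
        return self._db.execute(
            "SELECT id, body FROM chats WHERE company_id = ? ORDER BY id",
            (self._company_id,)).fetchall()

    def update_chat(self, chat_id, body):
        # Writes are scoped too; a rowcount of 0 means "not found in this tenant".
        cur = self._db.execute(
            "UPDATE chats SET body = ? WHERE id = ? AND company_id = ?",
            (body, chat_id, self._company_id))
        return cur.rowcount

if __name__ == "__main__":
    db = make_db()
    scope = TenantScope(db, company_id=10)
    print(scope.list_chats())   # only tenant 10 rows
    print(scope.get_chat(2))    # row 2 belongs to tenant 20
```

Routing all data access through a scoped object like this makes a missing company_id predicate a code-review finding in one place rather than a per-query risk.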

GDPR Compliance and Masking

Our platform complies with the General Data Protection Regulation (GDPR) standards. Sensitive personal details (first name, last name, phone, personal ID, etc.) in the payloads sent to AI services (Gemini, OpenAI) are automatically masked on our servers before transfer to AI models.

Rate Limiting and XSS Protection

To prevent resource abuse and cyber attacks, IP and API Key based Rate Limiting is applied. All web inputs are sanitized against Cross-Site Scripting (XSS) attacks.
