Trust & Security
Data security
Your knowledge, your conversations, and your leads belong to you. This page explains, in plain terms, how Ultimo Bots stores that data, who can reach it, where it is processed, and what happens when you delete it. We have kept it honest: it describes what the product actually does today, not a wish list.
Ultimo Bots is a hosted service. When you add knowledge, chat with your agent, or capture a lead, that information is handled by our backend and a small number of trusted infrastructure providers. The sections below walk through each layer: how your data is kept separate from other customers, how it travels and is stored, who can access it, and how to remove it.
Isolation per workspace
A workspace (also called an organization) is the container that owns your agents, knowledge, conversations, leads, billing, and team. Every account gets a personal workspace automatically, and you can create more for different teams or clients.
Isolation between workspaces is a core design rule, not an afterthought. Behind the scenes, every request is tied to the workspace you are currently in, and every database read or write that touches workspace data is filtered by that workspace identifier. When you open an agent, the backend first confirms that the agent belongs to your current workspace before returning anything, and refuses the request if it does not. The practical result:
- One customer cannot see another customer's data. Knowledge, conversations, and leads are scoped to the workspace that created them.
- Search results stay separate. Each agent's knowledge lives under its own dedicated namespace in our search index, so one agent never retrieves another agent's content.
- Switching workspaces switches everything. Your agent list, analytics, leads, and knowledge all change to match the workspace you are viewing.
Encryption in transit
Data moving between your browser and Ultimo Bots, and between your website visitors and your agent, travels over HTTPS (TLS). That means the connection is encrypted in transit, so the contents of a request cannot be read by someone watching the network in between. The dashboard, the hosted chat link, and the embeddable widget are all served over HTTPS.
Authentication and access control
Access to your workspace is protected on two fronts: proving who you are, and limiting what each person can do.
- Sign-in. You sign in with an email and password. Passwords are stored as one-way hashes (bcrypt), never as plain text, so the original password cannot be read back even by us. You can also sign up through the Wix, Webflow, or WordPress connection flows.
- Session tokens. After you sign in, the dashboard uses a signed, time-limited token (a JWT) to authenticate each request. Tokens expire after 24 hours, so a token that leaks does not stay valid indefinitely.
- Role-based permissions. Team members have a role of owner, admin, write, or read. Roles decide who can edit agents and knowledge, manage the team, change billing, or only view. These checks are enforced on the server, not just hidden in the interface, so a blocked action is genuinely blocked.
For the full breakdown of what each role can and cannot do, see Roles & permissions.
Where your data is hosted and processed
Ultimo Bots runs on Microsoft Azure. To answer visitor questions and power search, your data is processed by a small set of named providers. Here is exactly who touches what, and why:
| Provider | Role | What it handles |
|---|---|---|
| Microsoft Azure | Hosting and storage | Runs the Ultimo Bots backend and database, and stores files you upload as knowledge. |
| OpenAI | AI responses | Generates your agent's answers and creates the embeddings used for search. The visitor's message and the relevant knowledge needed to answer it are sent to OpenAI at reply time. |
| Pinecone | Knowledge search | Stores the searchable index of your knowledge so the agent can find the right passage to answer with. Each agent has its own isolated namespace. |
These are the core providers for the AI experience itself. Connected channels and tools you choose to enable (for example a Google Drive or OneDrive import, or a messaging channel) involve the relevant provider for that integration as well.
What we store and how it is protected
We try to store only what the product needs to work. The table below lists the main categories of data, why each exists, and how it is protected.
| What we store | Why | How it is protected |
|---|---|---|
| Knowledge content Scraped website pages, uploaded documents, FAQs, and business context. | This is what your agent answers from. | Scoped to your workspace. The searchable index lives in a per-agent namespace. Deleting a source removes it. |
| Conversations The chat history between your visitors and your agent or a human teammate. | Powers the live inbox, analytics, follow-up, and (where enabled) AI-suggested replies. | Scoped to your workspace and reachable only by signed-in members with a role. |
| Leads Details a visitor submits through an in-chat form, such as name, email, or a message. | So you can follow up with interested visitors. | Scoped to your workspace and visible only to members with access. |
| Account and team data Your name, email, password hash, workspace, roles, and billing record. | To run your account, your team, and your subscription. | Passwords are hashed. Access is role-gated. Billing is handled by the payment provider. |
Data deletion and retention
You stay in control of the data your agents hold. Deletion is real deletion, not just hiding the item from view.
- Remove a knowledge source. When you delete a website page, document, FAQ, or other source from an agent's knowledge base, it is removed from our database and from the search index for that agent. The agent stops answering from it.
- Delete an agent. Deleting an agent removes the agent and clears its knowledge namespace from the search index, so its content is no longer retrievable.
- Close your account. If you want your account and its data removed, contact us and we will handle it.
For how this maps to privacy rights such as access and erasure requests, see GDPR & privacy.
Your responsibilities
Security is shared. We protect the platform; you decide what goes into it and who you let in. A few practices keep your data safe:
- Do not put secrets in knowledge. Your knowledge content is used to answer visitors and is sent to the AI provider at reply time, so treat it as readable. Never paste passwords, API keys, private tokens, or internal credentials into a scraped page, uploaded document, FAQ, or business context. If a secret ends up in knowledge, rotate it and remove the source.
- Be deliberate about what your agent can answer. Only add content you are comfortable having your agent share with visitors.
- Invite people at the right role. Give teammates the lowest role that lets them do their job. Use read for people who only need to view.
- Protect your sign-in. Use a strong, unique password and remove team members promptly when they no longer need access.