CleverAI/Documentation

Security Documentation

Security features, best practices, and compliance information

Security Overview

CleverAI implements industry-leading security measures to protect your data and ensure compliance with global privacy regulations. Our multi-layered security approach covers infrastructure, application, and data security.

Data Encryption

End-to-end encryption

Access Control

Role-based permissions

Compliance

GDPR, SOC 2, ISO 27001

Data Security

Encryption
  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Encrypted database backups
  • Secure key management
Data Privacy
  • No training on user data
  • Data isolation per account
  • Right to deletion (GDPR)
  • Data portability options
Infrastructure Security
  • AWS/GCP secure hosting
  • DDoS protection
  • Web Application Firewall
  • Regular security audits
Authentication
  • OAuth 2.0 / SSO support
  • Two-factor authentication
  • Session management
  • API key rotation

Chatbot Security Features

Domain Whitelisting

Restrict chatbot embedding to authorized domains only.

  • • Exact domain matching
  • • Wildcard support
  • • Multiple domains

Rate Limiting

Prevent abuse and control resource usage.

  • • Messages per hour
  • • IP-based limiting
  • • Session controls

API Key Protection

Additional authentication layer for sensitive deployments.

  • • Unique API keys
  • • Usage tracking
  • • Instant revocation

Compliance & Certifications

Data Protection
GDPR
EU Data Protection
CCPA
California Privacy Rights
PIPEDA
Canadian Privacy
Security Standards
SOC 2
Type II Certified
ISO 27001
Information Security
OWASP
Security Best Practices

Security Best Practices

Recommendations for Users

Use Strong Authentication

Enable two-factor authentication and use strong, unique passwords

Protect API Keys

Never expose API keys in client-side code or public repositories

Configure Domain Whitelisting

Always specify allowed domains for chatbot embedding

Monitor Usage

Regularly review analytics and access logs for unusual activity

Keep Sensitive Data Minimal

Avoid sharing PII or sensitive information in conversations

Regular Security Reviews

Periodically review and update security settings

Security Incident Response

In case of security concerns or incidents:

Immediate Actions

  • 1. Rotate affected API keys immediately
  • 2. Review access logs for unauthorized activity
  • 3. Contact support at security@cleverai.app

Report Security Issues

Email: security@cleverai.app
Response time: Within 24 hours for critical issues

Secure Your Account

Review and configure your security settings for maximum protection.