AnswerHub
Login

AnswerHub Security Overview

This document explains the measures AnswerHub takes to protect your data. It covers our hosting and deployment arrangements, how we use artificial intelligence, backup procedures, encryption, authentication, email and payment processing, data retention, access controls, compliance, incident reporting, and our process for continuous improvement. For further questions, contact us at hello@answerhub.co.

1. Hosting & Deployment Solutions

  • Standard Hosting – US-Based: For most users, AnswerHub data is hosted on Azure servers located in the United States.
  • All EU Hosted Solution: Available for all paid plans, this solution uses only EU-hosted providers and exclusively employs EU-based hosting services. This setup helps meet regulatory or compliance requirements related to data residency.
  • On-Premise/Private Cloud Deployment: Designed for enterprise clients with custom regulatory or compliance needs, this method uses a simple Docker setup to deploy AnswerHub in your chosen environment, whether on-premise or within a private cloud.

2. Artificial Intelligence and Data Use

AnswerHub integrates artificial intelligence to process and deliver responses. We partner with established AI service providers that adhere to rigorous security standards:

  • Groq (LLM Inference): Groq handles language model inference and has achieved SOC 2 Type II compliance as of mid-2024. More details are available on Groq’s security page.
  • Azure OpenAI & Azure Tools: These providers are used for AI inference. Additional security information for Azure is available here.
  • Both AI inference providers do not train on or use user data.

3. Backups & Data Management

  • Daily Encrypted Backups: We perform encrypted backups of your data every day to ensure that a current copy is maintained.

4. Encryption

  • Data in Transit: All communications between client devices and our servers are transmitted via HTTPS with TLS 1.3 encryption.

5. Authentication

  • User Authentication: AnswerHub uses Slack SSO (OAuth) to manage user logins.

6. Transactional Email

  • Resend.com: Resend.com manages our transactional email services and is SOC 2 Compliant. More details can be found on their security page.

7. Payment Processing

  • Whop: Whop acts as the merchant-of-record and processes payments using Stripe. Stripe is certified to PCI Service Provider Level 1, the highest level of certification, and is the industry standard for secure payment processing. More information is available on Stripe’s security page.

8. Data Retention & Deletion

  • Automatic Deletion: Data is automatically deleted when AnswerHub is uninstalled from Slack or removed via the dashboard.
  • Manual Deletion: Data deletion requests are processed within 48 hours.

9. Access to Customer Data & Audit Policies

  • Controlled Data Access: Access to customer data is restricted to authorized personnel for support or debugging purposes. All such access is logged, with notifications issued as needed.

10. Compliance

  • AnswerHub adheres to GDPR standards for data processing and complies with European data protection laws.

11. Incident Response & Reporting

  • If you identify any security issues or have questions regarding our practices, please contact us at hello@answerhub.co.

12. Continuous Improvement

  • We continuously review and update our security measures in response to emerging challenges and feedback, ensuring our practices remain current and robust.