Security & data

How BotDoc handles your data

BotDoc is operated by MindBotics LLC. This page summarizes how your tenant's data is stored, isolated, and protected. For a custom DPA, security questionnaire, or anything not answered here, email security@mindbotics.ai.

Infrastructure

BotDoc is built on managed, security-audited platforms — we do not run our own servers or databases.

Layer                 Provider
Application hosting   Vercel (serverless, US region)
Database              Supabase (managed Postgres, customer data isolated by tenant ID)
Authentication        Clerk (managed identity)
Billing               Stripe (no card data ever touches our servers)
AI model              Anthropic Claude (server-to-server only)
Voice testing         Vapi + Twilio (server-to-server outbound calls)

Tenant isolation

Every record in our database carries an org_id denormalized onto the row, and every read and write in our data layer filters by that org_id. There is no path in the app that returns records across tenants. The organization ID comes from the authenticated session, not from request parameters.

Row-Level Security (RLS) is enabled on all tenant-data tables with no permissive policies, so the public anon key cannot read tenant data even if it were leaked. All reads and writes from the application use a server-only service-role key that never reaches the browser.

Authentication

User authentication is handled by Clerk. We support email + password and Google sign-in out of the box. Sessions are short-lived JWTs verified on every request. Multi-factor authentication is supported via Clerk for organizations that require it.

BotDoc supports organizations: a single user account can belong to one or more organizations, each isolated from the others. By default a new user has a personal tenant; teams can be set up under a shared organization.

Encryption

  • In transit: TLS 1.2+ everywhere — Vercel fronts the application; provider APIs (Supabase, Clerk, Stripe, Anthropic, Vapi) are all called over HTTPS.
  • At rest: Provided by Supabase's managed Postgres infrastructure. Backups are managed and encrypted by Supabase.
  • Secrets: All API keys, service-role keys, and provider tokens live as Vercel environment variables on the server side. They are never sent to the browser.

What we store

For each tenant, BotDoc stores:

  • Client records (name, vertical, agent configuration)
  • The current and prior versions of each client's web agent prompt
  • Test runs, test results, transcripts, and any voice call IDs / recording URLs returned by Vapi
  • Billing metadata (plan, status, Stripe customer ID — but never payment card data)

BotDoc does not collect end-customer data. The conversations it tests are between an AI tester and your client's AI agent — no real customer ever interacts with the system.

Public share links

When you generate a public share link for a test report, the URL contains a 22-character random token (128 bits of entropy). The link is unguessable, gives read-only access to scores and findings only — never the full transcript, recording, or synthesized updated prompt — and can be revoked at any time from the report page.
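
The share-link properties described above, sketched as an added example that is not BotDoc's own code. It assumes the 22 characters are the unpadded base64url encoding of 16 random bytes and that only a SHA-256 hash of the token is stored; the function names, the in-memory store, and the sample report are hypothetical.

```javascript
// Added example, not BotDoc code. Encoding, storage shape and names are assumptions.
const { randomBytes, createHash } = require("node:crypto");

const TOKEN_RE = /^[A-Za-z0-9_-]{22}$/;       // 16 bytes as unpadded base64url
const PUBLIC_FIELDS = ["scores", "findings"]; // the only fields a share link exposes
const sha256 = (s) => createHash("sha256").update(s).digest("hex");

// In-memory stand-in for a share-link table: tokenHash -> { reportId, revoked }
const shareLinks = new Map();

function createShareLink(reportId) {
  const token = randomBytes(16).toString("base64url"); // 128 bits from the OS CSPRNG
  shareLinks.set(sha256(token), { reportId, revoked: false });
  return token; // returned once for the URL; only its hash is kept
}

function revokeShareLink(token) {
  const link = shareLinks.get(sha256(token));
  if (link) link.revoked = true;
  return Boolean(link);
}

// Resolve a token to the public view of a report, or null if it must not be served.
function resolveShareLink(token, reports) {
  if (typeof token !== "string" || !TOKEN_RE.test(token)) return null;
  const link = shareLinks.get(sha256(token)); // lookup by hash, no string comparison
  if (!link || link.revoked) return null;
  const report = reports.get(link.reportId);
  if (!report) return null;
  // Allow-list projection: fields added to a report later stay private by default.
  return Object.fromEntries(PUBLIC_FIELDS.map((f) => [f, report[f]]));
}

// Constructed sample report, for illustration only.
const sampleReports = new Map([["rpt_1", {
  scores: { overall: 82 },
  findings: ["Agent skipped identity check"],
  transcript: "(constructed transcript)",
  recordingUrl: "https://example.invalid/rec.wav",
  updatedPrompt: "(constructed prompt)",
}]]);
```

Projecting through an allow-list rather than deleting sensitive fields means the transcript, recording and updated prompt cannot leak through a share link even if the report schema grows.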

Retention & deletion

Your tenant data is retained for the lifetime of your account. If you cancel, the data remains so you can reactivate without losing history. If you need a full deletion (right to erasure or end of relationship), email security@mindbotics.ai and we will delete your tenant's data, with confirmation, within 30 days.

Deleting a client cascades to all of its prompt versions and test runs automatically.

Contact

Security questions, DPA requests, incident reports, or anything else not covered here:

security@mindbotics.ai

This page reflects the current architecture. We do not at this time claim formal certifications (SOC 2, ISO 27001) for BotDoc itself; we rely on the audited certifications of our underlying providers (Vercel, Supabase, Clerk, Stripe). If your procurement process requires a specific framework, get in touch.