Security
When your customers talk to your chatbot, they're sharing real information with you. We take that seriously. Every message, every knowledge base document, and every integration is handled with strict isolation and encryption — so your data never bleeds into anyone else's system.
Every message your chatbot sends or receives is treated as sensitive. Here's exactly how we handle it.
Conversations between your customers and your chatbot are never used to train, fine-tune, or improve any AI model — not ours, not the underlying LLM provider's. This applies to every plan, with no opt-out required.
Your chatbot's conversation history is invisible to every other ContextGPT customer. Workspace data is partitioned at the database level — no shared tables, no shared indexes, no shared cache between accounts.
Delete any conversation, any knowledge base document, or your entire account — and it's permanently removed from all storage layers within 24 hours. No grace period retention, no backup resurrection.
The documents, URLs, and files you upload to train your chatbot are proprietary. We treat them that way.
Each chatbot's knowledge base — every uploaded PDF, URL, or text snippet — is stored in a dedicated vector index scoped to your workspace. No other chatbot on the platform can query your embeddings, intentionally or by accident.
When a user message is sent to an LLM for a response, only the minimum context needed is included. We use zero data retention agreements with our LLM providers — prompts and completions are not logged or used for training on their side either.
You can export your entire knowledge base, all conversation logs, and your chatbot configuration at any time in standard formats. Your data is never locked in. If you leave, you take everything with you.
The chat widget lives on your website and interacts with your visitors. We've built the embed layer to be hardened against the threats that come with public-facing JavaScript.
Your chatbot widget only loads on the domains you authorize. Requests from unlisted origins are rejected at the API level — someone can't copy your embed code and run your chatbot on their site.
The token embedded in your widget script is scoped to read-only chat operations for that specific chatbot only. It cannot access your account settings, other chatbots, or conversation history — even if exposed.
Every chatbot response is sanitized through DOMPurify before it's rendered in the widget, with a strict tag and attribute allow-list. Links are automatically hardened with target="_blank" and rel="noopener noreferrer" to prevent tab-nabbing.
Chat requests are rate-limited per visitor session and per IP. Automated bots spamming your chatbot are blocked before they hit your quota or abuse the system at scale.
We log session metadata like IP address and timestamps for security and abuse prevention. Personal details like names and emails are only collected if you explicitly enable a pre-chat form — visitors are never forced to identify themselves.
Every chat request is validated before it's processed — message length is capped, thread and page identifiers are checked against expected formats, and counters are clamped to safe bounds. Malformed or oversized payloads are rejected outright.
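The validation steps described above, sketched as an added example (not ContextGPT's own code). The field names, limits and identifier formats are assumptions chosen for illustration.

```javascript
// Added example. All field names and limits are assumed, not ContextGPT's real schema.
const LIMITS = {
  maxBodyBytes: 16 * 1024,            // assumed ceiling on the raw payload
  maxMessageChars: 4000,              // assumed message length cap
  threadId: /^[A-Za-z0-9_-]{8,64}$/,  // assumed identifier format
  pageId: /^[A-Za-z0-9_-]{1,64}$/,    // assumed identifier format
  turnCount: { min: 0, max: 500 },    // assumed counter bounds
};

const reject = (error) => ({ ok: false, error });

// Returns { ok: true, value } with a normalized request, or { ok: false, error }.
function validateChatRequest(rawBody) {
  if (typeof rawBody !== "string") return reject("body_not_string");
  // Check the size before parsing so oversized payloads cost almost nothing.
  if (new TextEncoder().encode(rawBody).length > LIMITS.maxBodyBytes) {
    return reject("body_too_large");
  }
  let body;
  try {
    body = JSON.parse(rawBody);
  } catch {
    return reject("malformed_json");
  }
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return reject("not_an_object");
  }
  const { message, threadId, pageId, turnCount } = body;
  if (typeof message !== "string" || message.trim() === "") return reject("message_missing");
  // Count code points so a multi-unit character such as an emoji counts once.
  if ([...message].length > LIMITS.maxMessageChars) return reject("message_too_long");
  // Identifiers must be strings matching the expected format; no coercion.
  if (typeof threadId !== "string" || !LIMITS.threadId.test(threadId)) return reject("bad_thread_id");
  if (typeof pageId !== "string" || !LIMITS.pageId.test(pageId)) return reject("bad_page_id");
  // Counters are clamped rather than rejected; non-numeric values fall back to min.
  const { min, max } = LIMITS.turnCount;
  const n = Number.isFinite(turnCount) ? Math.trunc(turnCount) : min;
  return { ok: true, value: { message, threadId, pageId, turnCount: Math.min(max, Math.max(min, n)) } };
}

// Constructed sample request: valid fields, but a counter far outside the bounds.
const sample = JSON.stringify({ message: "Hi", threadId: "thread_12345678", pageId: "pricing", turnCount: 99999 });
console.log(validateChatRequest(sample)); // accepted, with turnCount clamped to the maximum
```

Only the normalized `value` object should be passed on to later processing, so fields the validator does not know about are dropped.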
Every database query runs through parameterized queries via our ORM layer — user input is never concatenated into a SQL string. This closes off SQL injection as an attack vector by design, not by filtering.
The widget authenticates with a token sent explicitly in the request body rather than relying on ambient cookies. That means cross-site request forgery can't succeed against your chatbot, regardless of where the request originates.
Control who on your team can see and change what.
Assign team members as Viewers, Editors, or Admins at the individual chatbot level — not just workspace-wide. A support agent reviewing conversations can't accidentally modify your chatbot's knowledge base or system prompt.
Multi-factor authentication is available on all plans and enforced on all internal ContextGPT staff accounts. Admins can require MFA across their entire team from the security settings panel.
Every sensitive action in your workspace — configuration changes, knowledge base edits, API key creation, team member invites — is recorded with a timestamp and the acting user. You always know what changed and who changed it.
Our engineering and support teams cannot read your chatbot's conversations without explicit written authorization from your account admin. All internal data access is logged, time-bounded, and tied to a support ticket.
If you've found a security issue in ContextGPT — the dashboard, the chat widget, or the API — please report it to security@contextgpt.in. We respond within 24 hours, won't take legal action against good-faith researchers, and credit those who help us improve.