FluentChatFluentChat Docs
Reference

Security & privacy

How FluentChat isolates your data, protects credentials, and defends against malicious content.

Security is built into how FluentChat works. Here are the protections that matter most to you.

Isolation

  • Per-workspace. Your workspace's data is separated from every other workspace's — no one else can read or change it.
  • Per-agent. Within a workspace, each agent is its own island. Knowledge, actions, bound stores, and even cached answers belong to a single agent and never leak to another.

Credentials

Every secret you connect — store tokens, channel credentials, API keys — is encrypted at rest and never shown back to you (the dashboard only indicates that a credential is set). Exported agent templates are scrubbed of all secrets, so they're safe to share.

Safe handling of untrusted content

Anything the agent ingests from the outside world — product descriptions, crawled pages, uploaded documents, custom-tool responses, and visitor messages — is treated as untrusted. FluentChat sanitizes it before it reaches the AI so that hidden instructions ("prompt injection") can't hijack the agent.

Custom HTTP tools are additionally protected: they must use HTTPS, can't reach private or internal network addresses, don't follow redirects to internal hosts, and their responses can't speak with the platform's authority. See Custom tools.

What isn't logged

FluentChat avoids logging sensitive content. Message contents, secrets, and personal data are kept out of operational logs.

Data retention after cancellation

If you cancel, your data isn't deleted immediately — it's retained for a period so you can come back. See Managing your subscription.

Have a specific security or compliance question? Reach out to support with the details of what you need.

On this page