Security & Compliance
ConversionIQ is an enterprise platform; security and compliance constraints are first-class.
Scope & isolation
- Org scope: data is partitioned by organization.
- Workspace scope: data is partitioned by workspace (brand/business unit).
- Channels/credentials must be scoped to the owning org/workspace.
PII / sensitive data
- Minimize PII stored in logs and analytics events.
- Mask/omit secrets (tokens, API keys, phone numbers) in UI and logs.
- Support deletion/retention policies as required (TBD for MVP).
Audit logging (enterprise requirement)
Audit entries should exist for:
- Authentication events (sign-in, MFA, suspicious activity)
- User/role/permission changes
- Channel connections/disconnections
- KB edits/publish events
- Automation setting changes (e.g., auto-reply enable/disable)
- Billing and payment method changes
Compliance controls (MVP baseline)
- Workspace-level compliance policies that constrain AI outputs.
- Safe defaults: do not auto-reply unless explicitly enabled and gated by role/permission.
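One way to combine the scope, audit and safe-default requirements above for the auto-reply setting, as an added example that is not ConversionIQ's own code. The class names, the permission strings `automation:manage` and `messaging:send`, and the in-memory audit list are assumptions made for illustration.

```python
from dataclasses import dataclass

# Hypothetical model: every name and permission string here is an assumption.
@dataclass(frozen=True)
class Scope:
    org_id: str
    workspace_id: str

@dataclass
class Channel:
    scope: Scope                      # owning org/workspace
    auto_reply_enabled: bool = False  # safe default: off until explicitly enabled

@dataclass
class Actor:
    user_id: str
    scope: Scope
    permissions: frozenset = frozenset()

AUDIT_LOG = []  # stand-in for an append-only audit store

def set_auto_reply(actor, channel, enabled):
    """Change the automation setting; every attempt, allowed or not, is audited."""
    if actor.scope != channel.scope:
        reason = "scope_mismatch"        # other org or other workspace/brand
    elif "automation:manage" not in actor.permissions:
        reason = "missing_permission"
    else:
        reason = "ok"
    allowed = reason == "ok"
    if allowed:
        channel.auto_reply_enabled = enabled
    AUDIT_LOG.append({
        "actor": actor.user_id,
        "action": "auto_reply.enable" if enabled else "auto_reply.disable",
        "org": channel.scope.org_id,
        "workspace": channel.scope.workspace_id,
        "allowed": allowed,
        "reason": reason,
    })
    return allowed

def may_auto_reply(actor, channel):
    """Deny unless the channel opted in, scopes match, and the role may send."""
    return (channel.auto_reply_enabled
            and actor.scope == channel.scope
            and "messaging:send" in actor.permissions)
```

Denied attempts are logged as well as successful ones, so a cross-workspace attempt to enable auto-reply leaves an audit entry even though the setting is unchanged.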
Threat model notes
- Prompt injection via inbound content (reviews, chat messages)
- Data leakage between workspaces/brands
- Over-permissioned roles
- Abuse of outbound messaging permissions