Enterprise-grade security & privacy
We take security and compliance seriously. FrontlineHQ protects your business data with industry-leading encryption, tenant isolation, and compliance standards.
Your data stays yours
Your data is only accessible to your AI agent and is never used to train models.
Data encryption
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). PII is encrypted with dedicated keys.
Tenant isolation
Every business gets isolated data access. Row-Level Security ensures no cross-tenant data leakage.
Built secure from day one
Every layer of FrontlineHQ is designed with security in mind — from database access to AI inference.
Role-based access
Control who can access what with 5 permission levels: Owner, Admin, Manager, Agent, Viewer.
Audit logging
Every action is logged — who did what, when, and from where. Full audit trail for compliance.
Prompt injection protection
Our RAG pipeline sanitizes all content before it reaches the AI, preventing prompt injection attacks.
GDPR compliant
Full GDPR compliance: data export, right to erasure, Data Processing Agreements, and transparent sub-processor list.
View GDPR policySOC 2 (Roadmap)
Coming soonSOC 2 Type II certification is on our roadmap. Our infrastructure already follows SOC 2 principles.
API security
Rate limiting, API key authentication, webhook signature verification, and comprehensive security headers.
Compliance & sub-processors
We are transparent about every third-party service that touches your data. Each has been evaluated for security and compliance.
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Database & Auth | US (AWS) |
| OpenAI | Embeddings | US |
| Anthropic | AI Responses | US |
| Cohere | Search Re-ranking | US/Canada |
| Vercel | Hosting & CDN | Global |
| Stripe | Payments | US |
| Resend | US | |
| Retell AI | Voice Agent | US |
We will notify you before adding or replacing a sub-processor that handles personal data. You may object to a new sub-processor within 30 days of notification. See our GDPR page for full details.
Ready to get started?
See how FrontlineHQ can automate your customer communication with enterprise-grade security built in.