Skip to content

Trust

Security at Asklify

Security matters to us because Asklify handles your business knowledge and customer conversations. This page describes our general approach — we use industry-standard practices and continuously improve them.

Last updated: July 2026

Our approach

We follow industry-standard security practices to protect customer data, and we continuously improve our security infrastructure and processes as we grow. If you have specific security questions for a vendor review, we're happy to help — reach us at the contact below.

Encryption in transit

Traffic to Asklify — the dashboard, the API, and the embeddable widget — is served over HTTPS (TLS), so data is encrypted while moving between your users, our servers, and the services we rely on.

Secure authentication

  • Passwords are never stored in plain text — they are stored using one-way hashing so the originals cannot be recovered.
  • Dashboard sessions use signed, expiring tokens.
  • Programmatic access uses API keys that you can revoke at any time.
  • The embeddable widget uses a public project identifier, not your secret keys — your secret keys stay on your server.

Data privacy & isolation

Asklify is multi-tenant: each workspace's knowledge, conversations, and settings are kept separate and are only accessible to that workspace's members. We access customer content only when necessary to operate, support, or secure the service.

Infrastructure protection

We run on reputable cloud infrastructure. Access to production systems is limited to authorized personnel on a need-to-know basis, and we take regular automated backups of core data to support recovery. We monitor the platform for availability and errors. Payment card details are handled by our third-party payment processor — Asklify does not store full card numbers.

AI and your data

We do not intentionally use your content to train our own AI models. Requests sent to third-party AI providers to generate responses are processed according to those providers' respective policies and agreements. We send providers only what's needed to answer a given request.

Your responsibilities

  • Use a strong, unique password and keep your credentials private.
  • Keep your API keys secret and revoke any that may have been exposed.
  • Restrict where your widget can be embedded before you launch.
  • Avoid uploading sensitive personal data you don't have a lawful basis to process.

Responsible disclosure

We welcome reports from security researchers. If you believe you've found a vulnerability, please email hello@asklify.in with details and steps to reproduce. Please give us a reasonable time to investigate and address issues before public disclosure, and avoid accessing or modifying other users' data while testing. We appreciate good-faith reports.

Continuous improvement

Security is an ongoing effort. We regularly review and strengthen our practices, and we'll update this page as they evolve. For questions, contact hello@asklify.in.