heybuddyBack to home
Trust

Security at HeyBuddy

Last updated: July 9, 2026

HeyBuddy processes data your business already trusts to its analytics, CRM, and support tools. Here is how we protect it. This page describes the technical and organizational measures referenced in our Data Processing Terms.

Tenant isolation

In short

Every customer's data is walled off at the database layer itself, not just in application code.

HeyBuddy is multi-tenant with isolation enforced structurally. Every table carries row-level security policies in PostgreSQL, so the database itself refuses cross-tenant reads and writes. The tenant identity used for every query is derived server-side from the authenticated session, never from request parameters. We run recurring automated isolation audits against this boundary.

Encryption

  • All traffic is encrypted in transit with TLS, and HSTS is enforced.
  • Data is encrypted at rest by our database provider.
  • Credentials for connected integrations (OAuth tokens for tools like HubSpot and Slack) are additionally encrypted at the application layer with AES-256-GCM before they reach the database.
  • Ingestion API keys are generated with a cryptographically secure random generator and stored only as SHA-256 hashes: we cannot read them back, and a database leak does not expose them.

AI data handling

In short

Our AI providers do not train on your data and do not retain it.

AI features run on models from Anthropic and OpenAI over API configurations with zero data retention. Providers may not use customer content to train their models. Only the data needed for a given task is sent, and prompts are not persisted by HeyBuddy beyond what the product shows you.

Access control

  • Dashboard access uses secure session cookies (httpOnly), with sensitive operations gated to organization admins and re-verified server-side.
  • Removing a team member revokes their sessions immediately.
  • Internal access to production systems is limited to the founders and used only to operate and support the Service.

Data lifecycle

Customers control their data throughout its life:

  • Per-individual erasure. We support deletion of a single end user's data on request, cascading through events, conversations, and derived records, with a non-personal audit trail of the erasure itself.
  • Export. Customer data is available for export during the term and for 30 days after termination.
  • Deletion on exit. After the export window, customer data is deleted within 60 days; encrypted backups are overwritten in the normal rotation cycle, no later than 90 days after.

Application security

  • All database queries are parameterized; user input is validated with strict schemas.
  • Inbound webhooks are signature-verified (HMAC with replay protection), and OAuth flows use CSRF-protected state.
  • Security headers are enforced across the application: HSTS, frame denial, content-type protections, and a content security policy.
  • Dependencies are audited for known vulnerabilities, and we run recurring internal security reviews of the codebase.

Subprocessors

The third parties that process customer data on our behalf are listed at joinheybuddy.ai/subprocessors, with a 30-day advance notice commitment for changes.

Reporting a vulnerability

If you believe you have found a security issue, email andrew@joinheybuddy.ai and we will respond promptly. Please give us a reasonable opportunity to fix an issue before public disclosure.

Security questionnaires: we are happy to complete them for customers and prospects. Send them to the same address.