Security Overview

This page describes our security approach at a high level for transparency. It does not create contractual commitments. Our Terms of Service, Privacy Policy, and any Data Processing Addendum (DPA) govern.

MySalesSquad.AI is currently an invite-only beta. The Service may change frequently, and we do not provide an SLA or availability guarantee.

Overview

We design the Service to protect the confidentiality, integrity, and availability of data.

Security is a shared responsibility:

• We are responsible for securing the Service and our infrastructure.
• You are responsible for securing your accounts, devices, and how you use the Service.

We use common security practices and frameworks as guidance for prioritization and continuous improvement, including application security verification practices and incident response lifecycle concepts.

Access controls

Authentication

• Access to the Service requires authentication (for example, password sign-in or a supported identity provider).
• Access to workspaces and features is restricted based on account and workspace permissions.

Sessions and request protection

• Sessions are managed using secure session cookies.
• We use protections designed to reduce common web risks, such as CSRF protection for state-changing requests and rate limiting on sensitive endpoints.

Internal access

We restrict access to production systems and data to those who need it to operate and support the Service, and we adjust access as the Service evolves.

Encryption

In transit

We use encryption in transit (TLS) for connections to the Service and between the Service and supported providers where available.

At rest

We rely on encryption and access controls provided by our hosting and database providers where available, and we use reasonable measures to protect credentials and secrets.

Monitoring and vulnerability management

We use logging and monitoring to help detect and investigate reliability and security issues.

If you believe you have found a security vulnerability, please email security@mysalessquad.ai with:

• a description of the issue
• steps to reproduce
• affected URLs or components
• any supporting logs or screenshots

Please do not publicly disclose the issue until we have had a reasonable opportunity to investigate and mitigate it.

Incident response and reporting

We maintain an incident response process designed to:

• assess and contain incidents
• reduce impact and restore service
• communicate appropriately with affected parties

If we become aware of a security incident that impacts Customer Content or Personal Data, we will provide notice without undue delay and consistent with applicable law and any DPA in place.

Subprocessors

We use third-party vendors to operate the Service (for example, hosting, email delivery, and AI processing). See our Subprocessors page for the current list.

Compliance and audits

We do not make representations that the Service is certified or compliant with any particular security standard.

As the Service matures, we may publish additional security documentation and controls appropriate for enterprise use.

Customer responsibilities

You are responsible for:

• using strong credentials and keeping them private
• limiting who has access to your account and workspace
• reviewing outputs before you use or share them
• complying with applicable laws and your internal policies
• keeping your own backups of content you want to retain (especially during beta)

Contact

Security reporting: security@mysalessquad.ai

Privacy: privacy@mysalessquad.ai

Support: support@mysalessquad.ai

Legal: legal@mysalessquad.ai