Security & Trust安全與信任
Built for SMEs across every industry, with privacy and security designed in from the start. 為各行各業中小企而設,從一開始就把私隱與安全納入設計。
How we protect you我們如何保護你
All traffic is served over HTTPS/TLS, so data moving between your customers, you and our servers is encrypted.所有流量均以 HTTPS/TLS 傳送,客戶、你與我們伺服器之間的數據在傳輸途中均經加密。
Your content and customer conversations are used only to power your own assistant — never to train shared or public models.你的內容及客戶對話只用於驅動你自己的助理 — 絕不會用於訓練共用或公開模型。
Every business's data, settings and keys are kept separate and access-controlled — one tenant can never see another's data.每間企業的數據、設定及金鑰均分開儲存並受存取控制 — 不同租戶之間無法看到對方的資料。
Admin sign-in is protected by password login with lockout on repeated failures, audit logging, and optional passkeys.管理登入設有密碼驗證、連續失敗鎖定、登入審計記錄,並可選用 Passkey 通行金鑰。
Designed around UK GDPR principles — data minimisation, purpose limitation, and your right to access, export or delete.按英國 GDPR 原則設計 — 數據最小化、用途限定,以及你查閱、匯出或刪除資料的權利。
It's your data. You can request an export or full deletion at any time.這是你的數據。你可隨時要求匯出或完全刪除。
What most platforms skip大多數平台都會略過的
Anyone can write "bank-level security" on a landing page. Here's what we actually run day-to-day — and how we test that it works. 任何人都可以喺網站寫上「銀行級安全」。以下係我哋實際每日運作緊嘅項目 — 同埋我哋點樣親自測試佢哋真係有效。
Your data lives on a server physically located in France — not routed through a US hyperscaler. That's a concrete data-residency answer, not a checkbox.你嘅數據存放喺位於法國嘅實體伺服器,並非經美國大型雲端商轉送 — 呢個係實質嘅數據駐留答案,唔係淨係剔個格。
Daily encrypted backups plus point-in-time recovery — and we run real restore drills on a scratch copy to prove they work, not just trust they're switched on.每日加密備份,加上時間點復原機制 — 我哋會喺獨立副本度做實際還原演練,證明真係得,而唔係淨係信「已經開咗」。
API keys and access secrets are encrypted with dedicated key-management tooling, kept separate from the running service. Even a stolen backup copy reveals nothing usable.API 金鑰同存取密碼都用專門嘅密鑰管理工具加密,同運行中嘅服務分開存放。就算備份副本外洩,都讀唔到任何有用資訊。
When someone asks to be forgotten, we can remove their data from every store — conversations, leads, message threads — in one action, and produce a verification report confirming it's gone.當有人要求被遺忘,我哋可以一次過清走佢喺所有系統入面嘅資料 — 對話記錄、客戶名單、訊息記錄 — 仲會出一份核實報告,確認真係刪除咗。
Firewalled servers, automatic banning of repeated break-in attempts, and key-only access for anyone managing the platform — there's no password to guess or steal.伺服器設有防火牆、自動封鎖反覆入侵嘗試,管理人員只可以用密鑰登入 — 冇密碼俾人估或者盜取。
Every admin sign-in is logged with who, when and where from — so if anything looks unusual, there's a clear trail to investigate, not a blind spot.每次管理員登入都會記錄使用者、時間同來源 — 如果有任何異常,都有清晰記錄可以追查,而唔係兩眼一抹黑。
Under the hood幕後運作
Five stages run on every single message — from understanding what was asked, to closing the loop on whether it actually helped. 每一句查詢都會行完以下五個階段 — 由讀懂客人問乜,到追蹤呢個答案最終有冇幫到手,缺一不可。
Natural-language understanding across 8 languages — extracting intent and meaning, not just matching keywords.支援 8 種語言嘅自然語言理解 — 拆解語意同意圖,唔係淨係夾關鍵詞。
Retrieval-augmented search runs against this business's live product and knowledge data — not generic internet training data — so answers reflect this week's stock, prices and policies.檢索增強搜尋會喺呢間商戶自己嘅實時產品同知識庫入面進行 — 唔係用網上通用訓練資料 — 確保答案反映緊呢個禮拜嘅存貨、價錢同政策。
The AI composes its reply from the retrieved facts only — every claim traceable back to a real source document, which keeps invented answers out of the conversation.AI 只會根據搜尋返嚟嘅資料嚟組織回覆 — 每一句都可以追溯返去一份真實嘅來源文件,避免「up橋」嘅答案出現。
When the AI is unsure, the question falls outside what it knows, or the customer sounds frustrated, the conversation is automatically routed to a human — carrying the full context across, so nobody repeats themselves.當 AI 唔肯定、問題超出佢識嘅範圍,或者客人聽落唔耐煩,對話會自動轉俾人手跟進 — 連埋完整對話背景一齊轉交,客人唔使再講多次。
Every conversation is logged and tagged with its outcome — resolved, escalated, became a lead — building a record this business's owner can act on, and the system can learn from over time.每一段對話都會被記錄低,並標註結果 — 已解決、轉咗俾人手定係變成咗客戶查詢 — 變成商戶可以參考嘅實在數據,亦都係系統長遠變得更聰明嘅基礎。
Questions about security?對安全有疑問?