Approved sources
Choose the pages, documents, policies, and product information the assistant can use.
Security
Trust built into every visitor answer
Launch a branded assistant with approved source scoping, privacy controls, access rules, and security documentation your review team can understand.
Enterprise reviewAES-256 encryptionZero data training
3-day free trial · No charge during trial
Trusted AI for your website
Put AI on your website with control.
InsertChat keeps answers tied to approved sources, on brand, and under your control before launch.
Source-backed answers
Show citations and links so visitors can trust the response.
Brand-safe behavior
Shape tone, wording, welcome messages, suggested prompts, and assistant behavior.
Access controls
Control who can manage sources, review conversations, update settings, and publish changes.
Private by default
Protect visitor and workspace data with secure controls.
Data flow
How data is handled
From approved sources and visitor conversations to retention, deletion, and privacy requests.
Data minimization
We collect only needed data, limit access, and delete it when no longer required.
Processing scope
Each deployment can define what source content, visitor information, and connected systems belong in scope.
Security review support
Security review can cover source scoping, access, encryption, retention, subprocessors, and rollout controls before launch.
Zero data training
Customer prompts, files, conversations, and visitor data are not used to train AI models.
Data retention
We retain customer data only as long as required to provide services or satisfy legal obligations, then securely delete it.
Data subject rights
We support access, rectification, erasure, portability, and restriction requests with systems designed for fast response.
Infrastructure
Infrastructure your team can review
Protection across hosting, application access, monitoring, and response.
Cloud security
- European infrastructure with DDoS protection
- Automated security patching and updates
- Isolated network environments
- Deployment review available for larger rollouts
Application security
- Secure coding practices and code reviews
- Regular penetration testing
- Vulnerability scanning and management
- Web application firewall (WAF)
Access controls
- Multi-factor authentication (MFA) required
- Secure authentication workflows
- Principle of least privilege
- Complete audit logs
Monitoring and response
- 24/7 security monitoring
- Real-time threat detection
- Automated incident response
- Comprehensive logging and alerting
Operations
How security work stays visible
The day-to-day practices that support the security setup.
Background checks
Team members complete background checks before accessing sensitive systems.
Security training
Regular security awareness training keeps every employee aligned with current best practices.
Incident response
Security issues are handled through documented response, escalation, and customer communication paths.
Security and compliance
Trust built into every answer.
Keep answers grounded, data protected, and compliance easy to review.
Interactive FAQ
Try the FAQ like a visitor.
Open product, pricing, security, integration, and free-tool questions in the same chat your visitors use.
InsertChat
Interactive FAQ
Hey. Pick a question below and see how InsertChat turns FAQs into clear, source-backed answers.
0 of 23 questions explored Instant FAQ answers
Security FAQ
Where is my data stored?
European servers. GDPR-ready, never used for training, and deletable at any time.
What is InsertChat, from a privacy standpoint?
InsertChat connects approved sources to AI models. Privacy depends on sources, enabled tools, and who can access the assistant.
What gets sent to AI model providers?
Your prompt and relevant context excerpts from connected sources are sent to the selected model provider to generate an answer.
Do you use our data to train models?
No. InsertChat never uses your data to train models.
Is my data isolated from other customers?
Yes. Data is scoped to your account and agents. Sources and conversations remain isolated.
Can I delete data?
Yes. Delete sources, conversation history, leads, and feedback at any time.
What data does InsertChat store?
Agent configuration, connected knowledge sources, and conversation data needed for the experience and analytics.
Can I keep an agent private?
Yes. Choose public or private agents depending on whether anyone or only authenticated users can access the embed.
Do you have role-based access controls?
Yes. Control who can manage agents and data with role-based access.
What is BYOK from a privacy standpoint?
You provide the model API key. Prompts and context still go to that provider, so review its policies.
Can I restrict what the agent can do?
Yes. Control tool enablement per assistant to limit actions to only what is necessary.
Can we limit exposure of sensitive data in the agent?
Yes. Scope sources to what should be answerable and limit tool enablement to only what is required.
Can I export or audit what users asked?
Yes. Analytics show what people ask. Contact us for exports for audits or internal reporting.
Do you support GDPR?
Yes. Full GDPR compliance with Data Processing Addendum (DPA) available on request.
Can you provide a DPA?
Yes. Our DPA covers processing obligations, subprocessors, and deletion/return terms. Contact us to request it.
Do you list subprocessors?
Yes. Subprocessors are documented in the DPA. Request it or contact us for details.
How do you handle security questionnaires?
Contact us and we provide the right documentation for your security review process.
Is InsertChat safe to embed on a public website?
Yes, when configured correctly. Ground answers in approved sources and keep tool access controlled.
What if we need a private deployment or special requirements?
Enterprise plans cover custom deployment, advanced controls, and procurement constraints. Contact us to discuss.
How do privacy requests work (access, deletion)?
Submit privacy requests through the contact page. We route them to the right process.
Where can I request security documentation?
Submit security inquiries through the contact page.
Do you support self-hosting?
Yes. Enterprise plans include self-hosting and bring-your-own-LLM options.
How do I evaluate InsertChat?
Start with non-sensitive data during the free trial. When ready, request our security questionnaire and DPA.
Need trust review before launch?
We can support security questionnaires, privacy review, DPAs, subprocessors, and rollout planning before a branded assistant goes live.
3-day free trial · No charge during trial