Zubby AI
  • Pricing
Sign inStart free trial
Trust

Enterprise plumbing. None of the drama.

Tenant isolation by store_id. Encrypted credentials with constant-time compare. GDPR / CCPA pipelines with a dedicated worker. Audit log on every action. Turnstile bot protection. Built so the security review is a 15-minute call, not a six-week trade.

Start free trialRequest DPA
zubby · live●●●

Answer engine summary

What is enterprise security for an AI sales agent?

Enterprise security for an AI sales agent means three things: tenant isolation that doesn't leak between merchants, credentials that can't be exfiltrated from the database, and lifecycle controls that satisfy GDPR / CCPA without ad-hoc engineering. Zubby scopes every row in the data model to a store_id and routes every query through that scope — no cross-tenant code path exists. Credentials (Shopify access tokens, WooCommerce plugin tokens, connector API keys) live encrypted at rest with a per-app key derived from DATA_ENCRYPTION_KEY; verification uses constant-time compare. A dedicated GDPR worker handles data-request, erasure, and shop-redact webhooks with five retries on exponential backoff, and an audit log records every dashboard action with actor, target, and timestamp. TLS terminates at the edge for every public endpoint, Postgres connections run over SSL, Cloudflare Turnstile gates conversation start under suspicious patterns, and EU + US data residency is selectable on signup.

  • store_id tenancy

    No cross-merchant query path in application code.

  • Encrypted at rest

    Per-app key derivation; constant-time compare for verification.

  • GDPR worker

    Dedicated retry-aware worker for data-request / erasure / shop-redact.

  • Audit log

    Every dashboard action logged with actor, action, target, timestamp.

How it works

Lifecycle controls, top to bottom

From the moment a credential lands in our database to the moment a shopper requests erasure — every stage is auditable.

1

Encrypt at rest

Tenant credentials and PII land encrypted with a per-app key derived from DATA_ENCRYPTION_KEY. No plaintext tokens on disk.

AES at the column level

2

Isolate by store_id

Application code routes every query through a tenant scope. Shared Postgres pool, but no path that crosses store boundaries.

schema-enforced tenancy

3

Honour requests

GDPR worker handles data export, erasure, and shop redact with 5 retries. The audit log records every action.

auditable lifecycle

Capabilities

What your security team will actually ask about

No theatre. Each capability maps to a question a sane infosec review will ask.

Tenant isolation by store_id

Every row, every embedding, every conversation, every journey state is scoped to your store_id. No cross-tenant query path.

Encrypted credentials

Shopify, WooCommerce, and connector tokens encrypted at rest with a per-app key. Constant-time compare on verification.

TLS everywhere

TLS at the edge for every public endpoint. SSL for Postgres connections. Private network for worker → Redis traffic.

GDPR / CCPA pipelines

Dedicated worker for Shopify data-request, erasure, and shop-redact webhooks. WooCommerce plugin exposes equivalents. 5 retries.

Audit log

Every dashboard action logged with actor, action, target, and timestamp. Exportable per-tenant.

DPA + privacy generators

Templated Data Processing Agreement and privacy policy generators that match your data flows. Localised per region.

Turnstile + rate limits

Cloudflare Turnstile gates conversation start under suspicious patterns. Upstash rate limits on every public endpoint.

EU + US residency

Pick your region on signup. Data stays inside that region. APAC available on request for enterprise contracts.

Audit log sample

Every dashboard action — actor, target, timestamp

dashboard / audit-log
live
ActorActionTargetTime
amaya@acme.comcredential.rotateklaviyo · api_key2026-05-15 09:14:02
gdpr-workererasure.completeshopper · sh_2a4f2026-05-15 08:51:18
systemwebhook.receivedshopify · shop_redact2026-05-15 08:51:09
ben@acme.comjourney.publishvip-upgrade · v42026-05-14 17:33:48
amaya@acme.cominvite.sendlily@acme.com · admin2026-05-14 14:02:10
ben@acme.comknowledge.uploadshipping_policy_v3.pdf2026-05-14 11:18:55
Constant-time compare

every token verify

PII redaction

in worker logs

Anomaly alerts

on key rotation

Where it runs

Ships on every ecommerce stack worth shipping on

One control plane, three deploy targets. The widget, recovery engine, and AI agent run identically across platforms.

Shopify

Supported

Native Shopify app — Theme App Extension widget, Bulk GraphQL catalog sync.

Open guide

WooCommerce

Supported

WordPress plugin signs into the same SaaS — full catalog, cart, and order events.

Open guide

Hosted Widget

Supported

Drop-in JavaScript widget for headless stacks, custom stores, and BigCommerce.

Open guide

FAQ

Frequently asked questions

How is tenant data isolated?

Every row in our data model is scoped to a `store_id`. There's no cross-store query path in the application code — the embedding index, conversation history, customer records, and journey state are all keyed on store_id. Database connection pool is shared but every query carries the scope as a WHERE predicate.

How are credentials stored?

App-level encryption uses a derivation from DATA_ENCRYPTION_KEY (falling back to AUTH_SECRET / NEXTAUTH_SECRET if unset). Shopify access tokens, WooCommerce plugin tokens, and connector credentials live encrypted at rest in the `stores.access_token` column and related fields. Verification uses constant-time compare so timing attacks aren't a concern.

What about GDPR and CCPA requests?

We ship a dedicated GDPR worker. Shopify webhook callbacks for data request, data erasure, and shop redact route through it; for WooCommerce the plugin exposes equivalent endpoints. The worker runs with 5 retries on exponential backoff so a failed external API call doesn't silently drop a legal obligation. Privacy and DPA generators are also bundled.

Is data encrypted in transit?

All public endpoints — the merchant dashboard, the widget, the webhook ingress, the public REST API — terminate TLS at the edge. Connections to Postgres go over SSL. Internal worker traffic to Redis runs over a private network.

Where is data stored?

Primary data lives in Postgres (with pgvector for embeddings) in the region you select on signup. EU and US regions are available; we'll add APAC if a customer pushes us there. Redis backs the queue and can be co-located with Postgres for latency.

Do you have an audit log?

Yes. Every dashboard action — invites, role changes, integration credential rotation, journey publish, knowledge upload, erasure request — emits an audit event with actor, action, target, and timestamp. The log is exportable per-tenant.

What about bot protection?

Cloudflare Turnstile gates conversation start on suspicious traffic patterns. Optional and configurable per store. Behind the proxy, rate limits on every public endpoint (Upstash-backed) prevent abuse from burning AI tokens.

Can our security team review you before we deploy?

Absolutely. We provide a security questionnaire packet on request, plus a DPA, sub-processor list, and a runbook for shared incident response. Enterprise contracts include named contacts and an annual review cadence.

Keep exploring

Pairs well with

Integrations Overview

Encrypted credentials, DLQ, audit log — security primitives that apply to every connector.

Knowledge Base AI

Tenant isolation extends to your knowledge base — no cross-store retrieval, ever.

Analytics & Attribution

PII redaction in the event store; full export via the public API for your warehouse.

Security review without surprises

The AI tool your CISO doesn't block

DPA, sub-processor list, GDPR worker, audit log — request the packet and we'll send it within the day.

Start free trialRequest DPA

Footer

Zubby AI

The AI sales agent for Shopify and WooCommerce. Learns your store, guides shoppers in real time, and recovers the revenue you would have otherwise lost.

System status

Product

  • All Features
  • AI Sales Agent
  • Cart Rescue
  • Widget Designer
  • Multi-Language
  • Pricing
  • Changelog

Solutions

  • Solutions Hub
  • Cart Recovery
  • Product Discovery
  • 24/7 Support
  • Upsell + Cross-sell
  • Conversion Optimization

Industries

  • Fashion & Apparel
  • Beauty & Cosmetics
  • Electronics
  • Jewelry & Accessories
  • Food & Beverage
  • Health & Wellness

Integrations

  • Shopify
  • WooCommerce
  • All integrations
  • vs Rep AI
  • vs Tidio
  • vs Klaviyo
  • vs Gorgias

Resources

  • Documentation
  • Guides
  • ROI Calculator
  • Glossary
  • Answers (AI Q&A)
  • Blog
  • Case Studies

Company

  • About
  • Careers
  • Contact
  • Trust
  • Security
  • Status
  • Privacy
  • Terms

© 2026 Zubby AI, Inc. All rights reserved.

Built for merchants.Made with care.