Zubby Security & Compliance
Zubby AI is the AI sales agent your security team can sign off on. Per-tenant AES-256-GCM encryption, SOC 2 Type I in progress, GDPR and CCPA pipelines wired into first-class background workers, and EU plus US data residency. Every claim on this page links to the code that backs it.
Published 2026-05-19
Type I
SOC 2
Audit in progress
At rest
AES-256-GCM
AAD-bound per tenant
In transit
TLS 1.3
HSTS preloaded
DSAR SLA
48h
Export or erasure
Every page is dated, plain-English, and code-anchored
We document the controls we have, the ones we are working on, and the ones we do not — so your security review is a fast yes or a fast pass, not a six-week trade.
Trust
GDPR Compliance
Article-by-article mapping. Data subject rights resolved in 48h. Erasure endpoint /api/v1/merchant/gdpr/delete. EU SCCs and Transfer Impact Assessment available.
Trust
Data Processing Agreement
Counter-signed DPA on every Pro and Enterprise plan. EU SCCs Module 2, UK IDTA, Swiss FADP. Sub-processor list with regional alternatives. Downloadable PDF.
Trust
CCPA & US State Privacy
California CPRA, Colorado CPA, Connecticut CTDPA, Utah UCPA, Virginia VCDPA. Universal opt-out signal (GPC) honored end-to-end. Service Provider terms in DPA.
Trust
Responsible AI
Multi-provider routing (OpenAI, Anthropic, Gemini, Azure). Prompt-injection detection. Per-store cost cap. Conversation data never used to train base models.
Trust
Security & Disclosure
AES-256-GCM at rest, TLS 1.3 in transit, scrypt password hashing, HMAC-SHA256 webhook verification, SSRF protection, magic-byte upload sniffing. Report vulnerabilities to security@zubbyai.com.
Trust
Live Status & Uptime
Real-time uptime for dashboard, widget chat, webhook ingress, BullMQ worker, and AI providers. Incident timelines published with root-cause analysis on resolution.
Security architecture at a glance
Zubby AI runs three deploy targets — Shopify embedded app, WooCommerce plugin, and a hosted storefront widget — against one multi-tenant backend. The runtime splits into three processes: a Next.js web app (dashboard, widget, public APIs, webhook ingress), a long-running BullMQ worker (catalog sync, embeddings, recovery emails, GDPR jobs), and a Postgres-plus-Redis data layer with pgvector for embedding search.
- Edge proxy. Every request to
/api/v1/*passes throughsrc/proxy.ts, which enforces Upstash-backed rate limits (widget 20 req / 10s, widget chat 6 req / 30s per key plus IP, webhooks 500 req / s per tenant bucket) and Shopify embedded-app session token verification before any route handler runs. - Tenant scope. Every row carries a
store_idpredicate. The widget cannot start a conversation without anx-widget-keyheader verified against the store's key — the proxy injects the resolvedstore_idinto downstream headers so route handlers never trust client-supplied tenancy. - Worker process. Ten BullMQ queues (catalog sync, embedding, document embedding, webhook processor, recovery email, journey execution, abandonment check, winback check, GDPR compliance, weekly digest) with retry-aware job options. GDPR jobs get 5 attempts on exponential backoff so an external API hiccup cannot drop a legal obligation.
Encryption everywhere
At rest. Per-tenant secrets are encrypted with AES-256-GCM, with ciphertexts bound to an AAD context of (tenant, column, provider, field). The implementation lives in src/lib/secrets.ts. The current version is enc_v2; a legacy enc_v1 path remains for backward-compatible reads. The derivation key comes from DATA_ENCRYPTION_KEY — production rejects startup if the key is missing or equals AUTH_SECRET.
In transit. TLS 1.3 terminates at the edge for every public endpoint: dashboard, widget, webhook ingress, public REST API. HSTS preload is enabled on the marketing and app domains. Postgres connections require SSL.
Passwords. Account passwords are hashed with crypto.scrypt using a 16-byte random salt and a 64-byte derived key. Verification uses crypto.timingSafeEqual, eliminating timing-side-channel disclosure of password guesses.
Identity, sessions, and access control
- NextAuth v5 JWT sessions with hard-invalidation on any credential change — rotating a password or revoking a session immediately terminates every in-flight JWT for that subject. Magic-link email login, Google OAuth, and credentials providers are supported with explicit account-merge guards: a Google sign-in cannot silently absorb a credentials-protected account with the same email.
- Per-tenant RBAC. Workspace roles (owner, admin, agent, viewer) gate every dashboard action. Invites are token-based and single-use. Role changes, integration credential rotations, knowledge uploads, and erasure requests emit an audit event with actor, action, target, and ISO timestamp.
- Public REST API authuses long-lived API keys with per-scope permissions (read:catalog, write:conversations, etc.). Keys are hashed at rest and verified in constant time. Per-scope rate limits prevent a leaked write-scope key from exhausting an account's AI budget.
Application-layer defenses
- HMAC-SHA256 webhook verification for Shopify (app secret), Stripe (stripe-signature header, idempotent handler keyed by event ID), WooCommerce (plugin-signed token compared via
crypto.timingSafeEqual), and Twilio. Replay attacks blocked by event-ID dedupe in the webhook processor. - SSRF protection. Every outbound HTTP call from user-controlled URLs (search-by-image, knowledge import, Loox pull, Klaviyo redirector) passes through
assertSafeOutboundUrlwhich blocks RFC 1918, link-local, loopback, and AWS metadata addresses, with DNS rebinding mitigation. - Magic-byte upload sniffing. Image uploads to the widget, knowledge base, and product catalog are validated against magic bytes — not the client-declared MIME type — so a renamed payload cannot bypass the type check.
- Cloudflare Turnstile gates conversation start on suspicious traffic patterns. Configurable per store; defaults to enabled for new workspaces.
Privacy lifecycle: export, erasure, retention
Privacy-rights fulfillment is a first-class background worker, not a ticket queue. The gdpr-compliance queue handles Shopify data-request, data-erasure, and shop-redact webhooks, plus WooCommerce equivalents, plus direct merchant requests via the dashboard. The endpoint /api/v1/merchant/gdpr/delete accepts a shopper identifier and emits a fanout: delete conversations, embeddings, journey state, customer record, AI tool-call logs, and CDN-cached avatars.
- Right of access.Export a shopper's data in JSON within 48h.
- Right to erasure. One-click delete propagates to every linked system, including embeddings and AI conversation logs.
- Right to data portability. Full JSON and CSV exports.
- Retention. Default conversation retention is 12 months; merchants can shorten it per store. Audit logs retained 24 months.
Operational excellence
- 99.9% uptime SLO on the merchant dashboard and widget chat API. Real-time status at /status with synthetic monitoring runs every 60 seconds.
- Sentry-instrumented Next.js runtimes (server, edge, client) plus the BullMQ worker. PII scrubbing applied before capture.
- Dead-letter queue replay. Failed background jobs land in a dedicated DLQ with merchant-visible replay tooling in the dashboard.
- Disaster recovery. Documented in DEPLOY.md. Postgres backed by managed point-in-time recovery; encrypted off-site snapshots daily. RTO 4h, RPO 1h.
Procurement and security questions?
We answer security questionnaires in 5 business days on Pro and Enterprise. For counter-signed DPAs, SOC 2 readiness letters, or a custom security review, talk to us.
security@zubbyai.comBring your security team. We will be ready.
DPAs, EU SCCs, sub-processor lists, SOC 2 readiness letters, pen-test summaries, and a Transfer Impact Assessment are available on request — typically within 24h.