Security FAQ
Your data security and privacy are our top priorities. Here’s how Turtle AI Mate ensures your information is safe.Data Handling
Q: Do you store my data? We store only the minimum data necessary (account info, settings, agents, and notes you explicitly save). Conversations with AI are temporarily processed to generate responses. Q: Are my connected tools safe? Yes. Integrations (Gmail, Calendar, Drive, HubSpot, Jira, etc.) are connected via OAuth 2.0 — the same secure industry standard used by Google and other providers. You can revoke access anytime.WhatsApp Security
Q: How secure is WhatsApp integration?- Your phone number must be verified before enabling.
- Conversations on WhatsApp are encrypted end-to-end by WhatsApp.
- Only the verified user can send/receive agent outputs.
Billing & Payments
Q: How are payments processed? All payments are handled through Google Play billing. We do not store your card or payment details. Q: Is my subscription safe? Yes. Subscription status is validated through Google Play + RevenueCat, ensuring no tampering or misuse.Access Control
Q: Who can see my data? Only you. Each account is tied to your verified email/phone. Agents and tasks are private to your account unless explicitly shared. Q: Can I revoke integrations? Yes. You can disconnect tools from Settings → Integrations or directly in your provider’s account (Google, HubSpot, etc.).Technical Safeguards
- OAuth 2.0 authentication for all integrations.
- End-to-end encryption for WhatsApp messages.
- Encrypted storage of access tokens.
- Regular security audits of APIs and infrastructure.
- Compliance-first approach: Google OAuth verification, secure API scopes, and permission minimization.
Future Roadmap
- SSO support (Google/Slack login).
- Organization-level role-based access controls.
- Advanced audit logs for Business plans.
Q: What should I do if I notice suspicious activity? Immediately revoke integration access and contact support at [support@turtleaimate.com].