Trust Center

Trust, privacy, and AI data handling.

Public security and privacy information for customers, OAuth reviews, app marketplace reviews, and security teams evaluating Quickly.

Privacy Policy

Data collection, use, retention, and rights

Terms of Service

Customer responsibilities and AI terms

Security

Encryption, access, audit, and infrastructure

Security Review

Questionnaires, DPA, and architecture calls

Trust posture

Quickly handles customer data to operate the workflows customers configure. We avoid broad claims and document the controls that matter for an AI assistant with tool access.

No model training

  • Customer Data is not used to train foundation models
  • Google, Microsoft, Slack, SMS, voice, and integration data is used only to provide configured features
  • Prompts, outputs, retrieved context, and tool results are processed only to provide, secure, and monitor the Service

Data encryption

  • OAuth tokens and customer-managed credentials are encrypted at rest
  • Application data is isolated by workspace and protected by workspace membership checks
  • Production secrets are managed through Google Cloud Secret Manager and deployment-time configuration

Enterprise access controls

  • Admins configure users, roles, integrations, approval gates, and AI autonomy modes
  • Integrations can be disconnected from the Quickly dashboard or the provider account
  • Tool calls, workflow runs, admin actions, errors, and approvals are logged for audit and support

Transparency

  • Security, privacy, platform data handling, and subprocessor information are published here
  • Security questionnaires, DPAs, and architecture walkthroughs are available for business reviews
  • Workspace deletion and privacy requests can be initiated through product controls or support@askquickly.ai

Platform data handling

These disclosures are written for the integrations and app reviews teams commonly ask about.

Google Workspace

Gmail, Calendar, Drive, and related Google API data is used only for user-facing features you authorize and is handled under Google API Services User Data Policy Limited Use commitments.

Microsoft 365 and Teams

Microsoft Graph and Teams data is used only for authorized workspace, mail, calendar, file, identity, and chat features. It is not sold, used for advertising, or used to train foundation models.

Slack

Slack workspace, channel, user, message, thread, and file data is used to respond in configured Slack surfaces and maintain the context needed for requested actions.

SMS and voice

SMS and voice data is used to route, transcribe, summarize, respond to, and follow up on communications that customers configure. Customers are responsible for recipient consent and opt-out compliance.

Subprocessors

The providers below may process customer data to help us operate, secure, and support the Service. Third-party integrations you authorize may also receive data at your direction.

Google Cloud Platform
Hosting, databases, storage, queues, logging, secrets, and infrastructure
Application data, files, logs, secrets, metadata
Google Cloud Vertex AI
AI inference, embeddings, and model routing
Prompts, outputs, retrieved context, tool results, embeddings
Anthropic
Claude model provider through supported enterprise/API channels
Prompts, outputs, and relevant context needed for inference
Stripe
Billing, subscriptions, invoices, payments, and tax-related billing records
Billing contact, plan, invoice, payment, and usage metadata
Twilio
SMS, phone number, voice, and telephony features where enabled
Phone numbers, message metadata/content, call metadata, transcripts where configured
Resend
Transactional email
Email address, delivery metadata, and service email content
Upstash
Rate limiting, queues, and short-lived cache where used
Request metadata and short-lived operational data
Langfuse
LLM observability, traces, quality monitoring, and debugging
Prompts, outputs, tool metadata, token usage, latency, and diagnostic context, with PII masking controls

Compliance status

We maintain SOC 2 compliant controls and will only claim an independent SOC 2 report after the review has been completed.

SOC 2
SOC 2 compliant controls are implemented; independent report not yet claimed
GDPR
DPA, subprocessors, and privacy rights workflow available for business customers
DPA
Available on request for business customers
Privacy rights process
Access, correction, deletion, portability, and opt-out requests handled through support@askquickly.ai
Security review
Questionnaires and architecture walkthroughs available through the contact form

Need more detail?

We can complete security questionnaires, provide a DPA where applicable, and walk your team through Quickly's architecture.

Request a security reviewTechnical security details