Security boundaries before real pilot data.
BizPilot treats public quote intake as a sensitive surface. The workflow is designed to keep access scoped, secrets out of source, and final customer messages under business control.
Last updated: June 16, 2026
Plain-language summary
BizPilot uses conservative safeguards for public quote forms, account access, secret handling, and AI text that the business approves before sending.
Reference
Public privacy and security references.
Technical notes and operating boundaries
Public quote hardening
Public quote pages validate active links, expected forms, consent, hidden fields, submit timing, and abuse signals before accepting synthetic or pilot submissions.
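The checks listed above can be pictured as a single server-side gate. This is an added example, not BizPilot code: the field names (linkToken, formId, consent, website, renderedAt), the reason strings, and the timing thresholds are all assumptions chosen for illustration.

```javascript
// Added illustration only. Field names and thresholds are assumed, not BizPilot's.
const MIN_FILL_MS = 3000;               // assumed: faster than a person can fill the form
const MAX_FORM_AGE_MS = 60 * 60 * 1000; // assumed: a render older than 1 hour is stale

// links: Map of token -> { active, formId } (hypothetical shape).
// sub.renderedAt is assumed to be a server-issued value verified upstream,
// because a client-supplied timestamp could simply be forged.
function checkQuoteSubmission(sub, links, now = Date.now()) {
  const reasons = [];

  // Active link and expected form: the token must exist, be active,
  // and be bound to the form that was actually submitted.
  const link = links.get(sub.linkToken);
  if (!link || !link.active) reasons.push("inactive_link");
  else if (link.formId !== sub.formId) reasons.push("unexpected_form");

  // Consent must be an explicit boolean true, not merely a truthy string.
  if (sub.consent !== true) reasons.push("missing_consent");

  // Hidden field (honeypot): invisible to people, so any content is a signal.
  if (typeof sub.website === "string" && sub.website.trim() !== "") {
    reasons.push("hidden_field_filled");
  }

  // Submit timing: reject missing, too-fast, and stale submissions.
  const elapsed = now - Number(sub.renderedAt);
  if (!Number.isFinite(elapsed)) reasons.push("missing_timestamp");
  else if (elapsed < MIN_FILL_MS) reasons.push("submitted_too_fast");
  else if (elapsed > MAX_FORM_AGE_MS) reasons.push("stale_form");

  // Fail closed: any single reason rejects the submission.
  return { accepted: reasons.length === 0, reasons };
}

// Constructed sample data for a stand-alone run.
const sampleLinks = new Map([
  ["tok-live", { active: true, formId: "quote-v1" }],
  ["tok-off", { active: false, formId: "quote-v1" }],
]);
const sampleNow = 1_000_000;
const sampleOk = { linkToken: "tok-live", formId: "quote-v1", consent: true,
                   website: "", renderedAt: sampleNow - 10_000 };
console.log(checkQuoteSubmission(sampleOk, sampleLinks, sampleNow));
```

Collecting every reason, rather than stopping at the first, gives the abuse-signal log a full picture of each rejected submission.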
Tenant isolation
Business data access is controlled through authenticated membership, lifecycle status, and database row-level security. Service-role helpers must stay server-only.
AI safety boundary
AI output is a draft aid only. BizPilot must not auto-send, invent prices, confirm bookings, or act as a hidden operator.
Secret handling
Secrets must live in provider environment settings, not source code, logs, screenshots, docs, or commits. Missing keys should fail closed or use documented fallback behavior.
Backup and restore gate
DB-level export/restore proof passed for the synthetic target. Strict restored app/dashboard/RLS proof remains deferred to P1 before paid pilot, production migrations, destructive cleanup, bulk work, or broader scale.
This page is a product security summary. It does not replace a formal security review, incident response policy, or production backup drill.