We take security seriously. Here's how we protect your data and your customers' information.
From infrastructure to application code, we implement security best practices throughout our stack.
All data is encrypted both in transit and at rest.
Industry-standard authentication practices.
Secure, modern infrastructure with automatic updates.
Protection against abuse and brute force attacks.
Every input is validated and sanitized.
Role-based access with least-privilege principles.
Every response from our API includes security headers that protect against common web vulnerabilities.
These headers prevent clickjacking, XSS attacks, MIME-type sniffing, and enforce HTTPS connections.
Verify these headers yourself using browser developer tools or tools like securityheaders.com
We offer multiple integration options to meet your security requirements.
Our standard widget uses a lightweight JavaScript file loaded directly on your page.
For maximum isolation, embed the widget in a sandboxed iframe that cannot access your page's DOM or cookies.
If your site uses a Content Security Policy, add these directives to allow the Tailore widget:
The style-src 'unsafe-inline' is required for the standard embed. The iframe embed does not require this.
We collect only what's necessary and protect everything we store.
Our widget collects minimal data necessary for chatbot functionality:
We do NOT collect: IP addresses for tracking, personal identifiers, cross-site tracking data, or third-party analytics.
Request a copy of all data associated with your account
Request complete deletion of your data at any time
Export your data in standard formats
Update or correct any inaccurate information
We appreciate the security research community and welcome responsible disclosure of any vulnerabilities.
If you discover a security issue, please report it to us privately. We commit to:
Please send security reports to:
[email protected]Please include detailed steps to reproduce the issue and any relevant proof-of-concept code.
We're happy to discuss our security practices in more detail. Contact us to learn more.