Yes. Quickchat AI may use third-party APIs (such as OpenAI, Anthropic, Gemini, Groq) strictly for inference and standard processing. Data sent to these providers is not used to train or improve their underlying models.

Yes. Enterprise customers can deploy self-hosted open-source LLMs (such as Llama, DeepSeek, gpt-oss or any open source model available on platforms such as Hugging Face) on their own cloud infrastructure for full data isolation and control. Typical infrastructure costs range from $5,000-$10,000/month depending on model size and compute requirements.

Quickchat AI uses: (i) Google Analytics - web analytics, (ii) Google Cloud Platform - cloud computing, (iii) Datadog - infrastructure monitoring and security telemetry, (iv) PostHog - product analytics, (v) HubSpot - customer relationship management. All subprocessors comply with enterprise security standards and contractual obligations.

All customer data is securely stored on Google Cloud Platform (GCP) infrastructure located in Belgium, Europe. Knowledge bases are logically separated per customer and protected with enterprise-grade cloud security controls.

Yes. Data is encrypted: (i) in transit, using TLS encryption, and (ii) at rest, using cloud provider encryption standards. This applies to stored content, API communications, and internal services.

Yes. Each customer environment is tenant-isolated to prevent cross-access and unauthorized exposure.

Yes. Quickchat AI complies with GDPR requirements. Personal data handling, processing limitations, and data subject rights are governed by the Privacy Policy and Data Processing Agreement (DPA).

Yes. A DPA is available and required when Quickchat AI may process personal data on behalf of customers - including theoretical access scenarios. Personal data processing is also governed by the Privacy Policy, GDPR Statement and the Data Security Policy (on request).

Quickchat AI is actively aligning with the EU-US Data Privacy Framework (DPF) to simplify lawful cross-border data transfers.

Quickchat AI only processes PII when explicitly provided by customers for business use cases. PII protection is governed by GDPR compliance policies and contractual safeguards. Conversations can be scrubbed of Personally Identifiable Information (PII) before any LLM processing on client's request.

Data is retained only for the duration necessary to provide services or meet legal obligations. Retention does not exceed: (i) Customer consent period, (ii) Contract duration, and (iii) Applicable limitation periods for claims.

Yes. Customers may request account and content deletion at any time by contacting Quickchat AI support. Deletions follow secure data erasure procedures.

Quickchat AI is actively pursuing SOC 2 compliance to strengthen enterprise security posture and meet procurement requirements.

Yes. Quickchat AI conducts periodic third-party security assessments and penetration tests. We also provide standardized security documentation on client's request.

Available documents include: (i) Data Security Policy (on request), (ii) Privacy Policy, (iii) GDPR Statement, (iv) Data Processing Agreement (DPA), (v) Penetration Test Report (on request).

Access is strictly limited to authorized personnel on a need-to-know basis and governed by role-based access control (RBAC) and audit logging.

Only when explicitly authorized by the customer and strictly for troubleshooting or support activities.

Yes. Enterprise agreements may include: (i) Service Level Agreements (SLAs), (ii) availability commitments, and (iii) support response time guarantees.

Contracts explicitly state that: (i) customers retain ownership of all input content and proprietary knowledge, (ii) Quickchat AI does not claim ownership over customer data.

Yes. Enterprise agreements can be negotiated to include customized legal, security, compliance, and data protection clauses.

Yes, but only with prior written consent from Quickchat AI. This is commonly approved when required for contractors, partners, or service providers performing contractual obligations.

Quickchat AI supports multiple deployment models to meet enterprise infrastructure and compliance requirements.

• Standard Cloud Deployment - Quickchat AI manages infrastructure and hosting with enterprise security standards.
• Private Cloud Deployment - Enterprises can request dedicated environments with isolated compute resources.
• Self-Hosted LLM Deployment - Organizations can run open-source LLMs on a selected cloud platform. This provides full control over data flows, no dependency on third-party AI providers, and maximum regulatory compliance.
• On‑Premises Deployment - Organizations can deploy Quickchat AI on their own infrastructure, ensuring full control over data flows and regulatory compliance.
• Hybrid Architecture - Some customers choose hybrid setups - using Quickchat's orchestration layer while hosting LLM inference privately.

Yes. Continuous monitoring via Datadog and GCP infrastructure ensures uptime, performance, and anomaly detection. Our users can monitor the system status on our status page: https://status.quickchat.ai.

Yes. Quickchat AI maintains internal procedures for detecting, responding to, mitigating, and communicating security incidents in line with industry best practices. All incidents are communicated to our customers on our status page: https://status.quickchat.ai.

Quickchat AI is designed with an enterprise-first architecture focused on grounded responses and controlled knowledge retrieval rather than open-ended generative output. Key mechanisms include:

• Retrieval-Augmented Generation (RAG) - Our proprietary RAG and reranking systems use advanced data modelling to ensure your AI stays grounded in your knowledge base. AI responses directly connected to your approved knowledge sources (documents, help centers, internal wikis, databases).
• Source-Constrained Answering - Administrators can restrict agents to only respond using connected data sources. If no verified answer exists in the knowledge base, the assistant can be configured to: (i) ask clarifying questions, (ii) escalate to a human agent, or (iii) return a "no answer found" response. This significantly reduces hallucinations and misinformation risks.
• Continuous Knowledge Updates - Quickchat AI automatically syncs with connected sources, ensuring AI answers remain up-to-date without manual retraining.
• Prompt Governance & Behavior Controls - Enterprises can define system instructions, tone constraints, and response rules to ensure consistent, compliant output across teams and channels.

Quickchat AI provides enterprise-grade observability and traceability features that support compliance, quality assurance, and operational oversight.

• Conversation Logs & History - All AI interactions can be logged and reviewed by authorized administrators for: (i) quality assurance, (ii) compliance auditing, (iii) agent training optimization, and (iv) dispute resolution.
• Source Attribution (Explainability) - Quickchat AI can display which internal documents or knowledge sources were used to generate responses. This allows teams to: (i) validate AI outputs, (ii) identify outdated content, and (iii) improve documentation quality.
• Analytics Dashboard - Administrators can monitor: (i) usage volume, (ii) resolution rates, (iii) escalation frequency, (iv) top user questions, and (v) knowledge gaps. This enables continuous performance optimization.
• Human-in-the-Loop Review - Teams can review flagged conversations and refine AI behavior based on real usage patterns.