Security at Siliquore AI

How we protect your business data, communications, and operations with enterprise-grade security practices.

Last Updated: May 2026 | Siliquore AI - a product of AllTekkies Services Pvt. Ltd.

        Our commitment: Security is not an add-on for Siliquore AI - it is built into the foundation. Every component of our platform is designed with the assumption that your business data is sensitive and must be protected at every layer.
    

HTTPS / TLS Encrypted GDPR Aligned Secure Credential Management Access Control Data Isolation Encrypted Storage

1. Data Transmission Security

All communication between your browser, our servers, and integrated third-party services is encrypted using HTTPS with TLS (Transport Layer Security). We enforce HTTPS across all endpoints - there are no unencrypted fallback routes.

TLS 1.2 minimum; TLS 1.3 preferred
All API calls between agents and external services use encrypted channels
WhatsApp communications are end-to-end encrypted by the WhatsApp Business API

2. Data Storage

Business data processed by Siliquore AI agents - including contact records, invoices, salary slips, bookkeeping entries, and campaign data - is stored securely in encrypted databases.

Current deployments use SQLite with access restricted to the application layer
The platform is architected to support migration to PostgreSQL or enterprise-grade databases (Oracle, MSSQL) as your business scales
Database files are never exposed directly to the internet
Backups are stored securely and access-controlled

3. Authentication & Access Control

Access to admin features, dashboards, and sensitive data is protected by authentication controls:

Admin login required to access visitor data, reports, or operational dashboards
Session-based authentication with secure session management
Credentials are never stored in plain text; environment variables isolate secrets from application code
Role-based access means agents and API integrations only access the data they need

4. Credential & Secret Management

All sensitive credentials - API keys, database passwords, email service tokens, WhatsApp access tokens - are managed through environment variables (`.env` files) and are never hardcoded into source code or exposed in repositories.

Secrets are separated from application logic at the architectural level
Production credentials are distinct from development and test environments
Third-party API keys are scoped to the minimum permissions required

5. WhatsApp & AI Agent Security

Our WhatsApp AI agents handle real customer interactions. We take the following steps to ensure those interactions are secure:

Customer phone numbers are never shared with external AI model providers in their raw form
AI conversation logs are retained only as long as operationally necessary
Agent logic is sandboxed - an agent handling marketing campaigns cannot access payroll data
All outbound messages are authenticated via the WhatsApp Business API using verified business accounts

6. Google Drive & Document Security

For clients using our Google Drive integration and document generation agents:

OAuth 2.0 is used for all Google Workspace integrations - we never store your Google password
Access is scoped to only the folders and files explicitly authorised
Generated documents (salary slips, invoices, certificates) are stored in access-controlled Drive folders
Authorisation can be revoked by you at any time via your Google account settings

7. Email Security

Automated emails sent via Siliquore AI (campaign emails, invoice notifications, enquiry confirmations) are delivered through authenticated SMTP channels:

SPF, DKIM, and DMARC alignment where supported by the sending domain
TLS-encrypted SMTP connections to mail service providers
Unsubscribe and opt-out mechanisms included in all marketing communications

8. Vulnerability & Incident Management

We take a proactive approach to security:

Regular review of dependencies and third-party libraries for known vulnerabilities
Security patches applied promptly when issues are identified
In the event of a data breach or security incident affecting your data, we will notify you promptly in line with applicable legal requirements

To report a security vulnerability, please email us at [email protected] with the subject line "Security Report". We investigate all responsible disclosures seriously.

9. Compliance

Siliquore AI is designed with data protection principles aligned to:

GDPR (General Data Protection Regulation) - data minimisation, purpose limitation, and right to erasure
India's DPDP Act (Digital Personal Data Protection Act, 2023) - lawful processing, data principal rights
WhatsApp Business Policy - opt-in consent for business messaging

We are not currently certified under ISO 27001 or SOC 2 but we architect our systems in alignment with these frameworks and aim for formal certification as the platform scales.

10. Your Responsibilities

Security is a shared responsibility. As a Siliquore AI user, you should:

Keep your admin credentials confidential and use strong passwords
Promptly report any suspicious activity or suspected unauthorised access
Ensure your own devices and networks are secure when accessing the platform
Only grant platform access to authorised members of your team

11. Contact Our Security Team

For security questions, incident reports, or data protection enquiries:

AllTekkies Services Pvt. Ltd.
Email: [email protected]
Phone / WhatsApp: +91 89553 21045
Subject line: "Security Enquiry" or "Security Report"