COMING SOON — Join the waitlist for early access
Account & Settings

Security & Privacy

Doughy takes the security of your data seriously. Here's how we protect your information.

Workspace Isolation

Every Doughy account operates in its own isolated workspace:

Your data is separate — contacts, properties, documents, and agent activity are completely isolated from other users
No cross-account access — agents in one workspace cannot see or interact with another workspace's data
Independent configuration — your settings, trust levels, and integrations don't affect anyone else

This isolation is fundamental to how Doughy is built, not a feature that can be turned off.

Encryption

All data is encrypted in transit and at rest using industry-standard encryption. Integration credentials are stored securely and never exposed in logs.

Access Controls

Email + password — with minimum complexity requirements
Session management — automatic timeout after inactivity
Team permissions — Admin, Member, and Viewer roles with different capabilities (Teams and Enterprise plans)

AI Data Usage

Your data is not used to train AI models. Your conversations, documents, and business data stay in your workspace.
Agent interactions are processed to provide responses but are not retained for model improvement.
You own your data. Export it anytime from Settings > Data Export.

Compliance

Data retention — we retain your data only while your account is active, plus 30 days after cancellation
Data export — download all your data in standard formats at any time
Data deletion — request complete deletion of your account and all associated data
Incident response — we maintain a security incident response plan and will notify affected users promptly if a breach occurs

Best Practices

We recommend these steps to keep your account secure:

1.Use a strong, unique password — don't reuse passwords from other services
2.Review Bouncer regularly — check your agents' activity feed weekly
3.Audit integrations — disconnect services you no longer use
4.Keep trust levels appropriate — don't set agents to Full trust unless you've validated their behavior
5.Monitor cost alerts — unexpected spending can indicate misconfigured automations
PreviousBilling & Plans
NextHelp & Support

On This Page

Workspace IsolationEncryptionAccess ControlsAI Data UsageComplianceBest Practices