Security & data handling

Handsom connects to your support and commerce systems to prepare internal support briefs. This page summarizes how access, credentials, model routing, approvals, and audit logs are handled.

Scoped access

Agents receive only the integration methods they are granted.

Encrypted credentials

Sensitive integration keys are encrypted before storage.

Approval gates

Sensitive writes can require human approval before execution.

Audit logs

Tool calls and approval outcomes are recorded for review.

FILE 01

Control summary

The table below is intended for security and IT review. We keep it specific so teams can quickly identify which controls are relevant to their approval process.

01
Transport encryption
Application traffic and provider API calls are sent over HTTPS/TLS.
Webhook callbacks, app sessions, and integration API calls should be configured over HTTPS in production.
02
Credential storage
API keys, OAuth tokens, and provisioned model keys are encrypted before persistence.
Credentials are resolved by the platform at execution time and are not exposed to the model as raw secrets.
03
Integration permissions
Agents only receive the integration methods granted to that agent or agent template.
For Support Assist, the default template uses a curated method set rather than broad access to every provider endpoint.
04
Write actions
Customer-impacting writes can be approval-gated before execution.
Refunds, replacement orders, profile updates, ticket changes, and similar actions can be reviewed by a human first.
05
Audit logs
Tool calls, gate decisions, execution results, durations, and related agent and assisted-ticket context are recorded.
Audit logs are designed to answer what ran, when it ran, which integration was used, and whether the call succeeded.
06
Source evidence
Support briefs can include links or references back to source records.
Examples include the Gorgias ticket, Shopify order, customer profile, tracking record, and relevant policy document.
07
AI provider routing
Customer-data workloads can be routed through approved model providers and provider policies.
We can configure provider allow/block lists, no-training preferences, zero-retention routes where available, and provider visibility per run.
08
Human-owned response
Handsom prepares internal context. Your team writes and sends every customer reply.
This keeps brand voice and final judgement with the support team while reducing investigation work.

Data processed

Handsom processes the minimum context needed to investigate a configured support case and prepare an internal note or proposed action. Exact fields depend on the integrations connected and the agent permissions granted.

Typical categories

Support ticket text and metadata
Order, fulfillment, refund, and return details
Customer profile attributes and recovery state
Shipping and tracking information
Subscription or returns context when connected
Uploaded policy and knowledge base documents
Internal notes, approvals, and audit events

AI provider policy

Model selection is part of the security posture. For customer support data, Handsom can be configured to prefer approved providers and policies rather than routing through an unrestricted provider pool.

Review points

  • 01Provider selection can be restricted for customer-data workloads.
  • 02No-training and zero-retention routes should be used where the provider supports them.
  • 03Provider, model, token usage, and cost can be captured for operational review.
  • 04Direct model-provider contracts can be evaluated for higher-volume customers that need stronger SLA or residency commitments.

Audit and evidence

Every support brief should be backed by source records where possible. Audit rows record tool execution and gate outcomes so customers can review what Handsom accessed and what action was taken.

Compliance status

Handsom is early and is not yet SOC 2 certified. We are building toward a stronger formal security program and can share current controls with design partners during vendor review.

Have questions?

We can walk through integration scopes, model-provider routing, data retention, audit logs, and approval settings before you connect production systems.