Your data, handled with care.
SmashOne holds your account, your connected channels, and the customer messages your assistant replies to. Here's exactly how we protect them — in plain language.
The essentials.
Four things we get right so you don't have to think about them.
Encryption
Traffic is encrypted in transit with TLS, and your data is encrypted at rest.
Access control
Two-factor authentication on accounts, and least-privilege access for our team — only what's needed to support you.
Your data is yours
We don't sell your data, and we never use your customers' conversations to train external AI models.
Backups & reliability
Regular backups and monitoring keep your cabinet running and your data recoverable.
What we hold, and where it lives.
What we hold
Your account details, the social channels you connect (via secure tokens — we never see your social passwords), your business catalog and FAQ, and the customer messages your assistant handles.
Where it lives
Your data is hosted in the United States with our infrastructure providers.
How long
We keep your data while your account is active, and delete or anonymise it after you close your account, per our Privacy Policy.
Who helps us run SmashOne.
We use a small set of trusted providers. Each handles a specific job — nothing more.
| Provider | What they do |
|---|---|
| DigitalOcean | Cloud hosting & databases (US) |
| Cloudflare | CDN, DNS & network protection |
| Google Cloud (Vertex AI) | The AI that drafts assistant replies |
| Stripe | Payments (PCI-DSS Level 1 provider) |
| Google Workspace | Transactional email (verifications, receipts) |
| Sentry | Error monitoring to fix issues fast |
This list can change as we improve the service; the current list is always in our Privacy Policy.
How the AI uses your content.
The assistant drafts replies from the business catalog, FAQ, and tone you configure. AI replies are clearly labelled as automated. We don't use your customers' conversations to train external models, and a human on your side can always step in.
Security in your hands.
A few controls you own — turn them on from your cabinet.
Two-factor authentication
Turn on 2FA in your cabinet settings.
Strong passwords
We enforce strong passwords and never store them in plain text.
Session control
Sign out of other sessions anytime.
Found a vulnerability? Tell us.
We welcome responsible disclosure. Email [email protected] with the details and steps to reproduce, and we'll respond. Please don't access other users' data or disrupt the service while testing.