CLOSER reads inbound messages, drafts replies in your voice, and sends them. Every byte is encrypted, every reply is logged, and nothing — not your inbox, not your customers' messages — is ever shared with another client, ever sold, or used to train public models.
Security isn't a checkbox. It's how the product is built — from the database schema up.
TLS 1.3 in transit. AES-256 at rest. Per-client KMS keys — even Agent Networks engineers can't read your customer messages without your written approval and a recorded audit trail.
Your data lives in its own logical tenant. Voice models are trained on your replies only. CLOSER cannot "see" any other client's inbox — not even other clients in the same vertical.
Every inbound, every draft, every sent reply, every escalation — logged with timestamp, channel, sender hash and reviewer. Export the whole audit trail any time. ICO will love you.
A message arrives. CLOSER replies. Here's every stop in between.
WhatsApp / Email / IG arrives via channel API (TLS 1.3)
Stored encrypted in your isolated UK database
Your voice model (yours only) generates a draft
Suggest mode: you tap send · Autonomous: rules check
Out through the same channel, logged with hash
30-day rolling log + on-demand export to your S3
What "GDPR-compliant" actually looks like once you read the small print.
| Capability | CLOSER | Generic AI chatbot | VA on Upwork |
|---|---|---|---|
| Hosted in UK | ✓ London (AWS eu-west-2) | ✗ Usually US | ✗ Anywhere |
| Per-client encryption keys | ✓ Yes | ✗ Shared | n/a |
| Voice model trained on shared data | ✓ Never | ✗ Often | n/a |
| Full audit log exportable | ✓ One click | ✗ Rare | ✗ Manual |
| Data deletion on cancellation | ✓ 30 days, certified | Varies | Trust-based |
| UK ICO registration | ✓ ZB123456 | Varies | n/a |
| Cyber liability insurance | ✓ £10m | Their problem | None |
Most legal & IT teams ask the same eight things. Here they are.
AWS London (eu-west-2). Encrypted at rest with per-client KMS keys. Daily backups stay in the same region — nothing replicates outside the UK without your written instruction.
You and the users you invite. CLOSER's automation reads them to draft replies. No human at Agent Networks reads them without a written support ticket from you — and that access is logged and surfaced in your audit trail.
Only your own voice model is trained on your data — and only your data. We don't pool clients' replies. We don't sell, license, or share your message contents with anyone, ever, including our model vendors.
You are the data controller; we are the processor. There's a DPA in your contract (template available on request before signature) that covers retention, sub-processors, breach notification (72h), and your right to audit.
Day 0: replies stop. Day 1–29: your data is in cold storage, restorable if you change your mind. Day 30: certified deletion. We issue a signed deletion certificate within 7 days of that.
CLOSER flags abusive content, refuses to reply to obvious spam/phishing, and escalates anything that mentions self-harm or safeguarding directly to you with the channel and timestamp.
Independent UK pen-test by NCC Group (Nov 2025). Report available under NDA. SOC 2 Type II in progress — target completion Q3 2026. We don't gate the report behind a sales call.
Detection in <5 min via our SIEM. Containment SLA: 30 min. Customer notification SLA: 4 hours. ICO notification (if applicable): 72 hours. Post-mortem published publicly within 14 days on /status.
SOC 2 progress letter, pen-test summary, sub-processor list, sample DPA, and the data-flow diagram in full. We send it before you ask for it.