Security
At Howsit AI, protecting your data and ensuring the confidentiality, integrity, and availability of our platform is a top priority. This Security Policy explains how we safeguard information, manage risks, and maintain a secure environment for all users.
By using Howsit AI, you agree to the practices described in this policy.
1. Physical Security
Howsit AI’s infrastructure is hosted with industry-leading cloud providers that maintain comprehensive physical security controls, including:
24/7 controlled access to data centres
Surveillance systems and intrusion detection
Redundant power, cooling, and fire suppression systems
Environmental monitoring
These measures help protect servers, storage systems, and networking equipment from unauthorised access or physical threats.
2. Network & Infrastructure Security
We employ robust network protections such as:
Firewall systems and intrusion prevention tools
Segregation of sensitive systems and services
Regular network monitoring and threat detection
Anti-DDoS defences to protect against volumetric attacks
Network security controls are continuously evaluated and improved to respond to emerging threats.
3. Data Encryption
Data in Transit
All communications between your device and Howsit AI services use industry-standard encryption (such as TLS/SSL) to protect data from interception during transmission.
Data at Rest
Sensitive data stored in our systems is encrypted using strong encryption algorithms to protect against unauthorised access.
Encryption keys are managed securely in accordance with best practices.
4. Application Security
Our engineering and security teams follow secure development practices to minimise vulnerabilities:
Static and dynamic code analysis
Regular dependency and library vulnerability scanning
Secure-by-design principles
Release testing and approval prior to deployment
We also conduct internal and external security reviews to ensure applications are robust and resilient.
5. Identity and Access Management
Howsit AI implements strict access controls for both internal systems and user accounts:
Role-based access permissions
Multi-factor authentication (MFA) for administrative access
Password policies that enforce complexity and rotation
Least-privilege access principles
Only authorised personnel with valid business reasons can access production systems or sensitive user data.
6. Monitoring & Incident Response
We operate continuous monitoring systems to detect and respond to potential security events.
In the event of a suspected breach or security incident, we:
Activate our Incident Response Team
Contain and investigate the event
Remediate vulnerabilities
Communicate with affected parties as required
We also maintain logs for audit, compliance, and forensic purposes.
7. Vulnerability Disclosure & Responsible Disclosure
At Howsit AI, we support responsible security research.
If you identify a potential vulnerability in our platform, please report it securely to:
Security Contact: security@howsit.ai
Please include:
A detailed description of the issue
Steps to reproduce
Any relevant screenshots or evidence
We will acknowledge your report and work to address it promptly.
8. Data Backups & Availability
To ensure service continuity and mitigate data loss, we maintain:
Regular encrypted backups
Redundant storage and failover systems
Retention policies aligned with data protection regulations
These measures help maintain availability and recoverability in the event of system failure or disruption.
9. Third-Party & Vendor Security
We leverage trusted third-party services (such as cloud hosting, analytics, and identity providers) that meet recognised security standards.
Before onboarding vendors, we evaluate:
Security controls and certifications
Data handling and retention practices
Compliance with privacy and data protection regulations
Third-party access to systems and data is restricted and monitored.
10. Compliance & Certifications
Howsit AI operates with a commitment to compliance with applicable laws and regulations, which may include:
POPIA (Protection of Personal Information Act, South Africa)
GDPR (General Data Protection Regulation, EU)
International security best practices
Where relevant, we align with industry standards and frameworks to uphold security and privacy compliance.
11. Employee Training & Awareness
Security is everyone’s responsibility. All Howsit AI personnel complete regular training on:
Information security principles
Data protection and privacy requirements
Threat awareness
Secure coding and operational practices
Ongoing training ensures our team remains current with evolving risks.
12. Updates to This Policy
We may update this Security Policy to reflect changes in technology, legal requirements, or internal practices.
The latest version will be posted on our website with a revised effective date.
Your continued use of the Service after updates means you accept the revised policy.
Contact Us
If you have questions about this Security Policy or want to report a security concern, contact:
Howsit AI
Website: https://howsit.ai
Address: 1 Bridgeway Road, Bridgeways Precinct, Century City, Cape Town, 7441