Agency Chat enforces strict tenant isolation, encrypts all data in transit and at rest, and stores everything on UK-based servers.
Every business table carries an agencyId. Isolation is enforced at the database column, Prisma middleware, API route guard, and Socket.IO namespace layers.
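The Prisma middleware layer described above, as an added illustration rather than Agency Chat's own code: it stamps the caller's agencyId onto every write and ANDs it into every read on tenant-owned models, and fails closed when tenant context is missing. The model names are assumed for the example.

```javascript
// Added example (not Agency Chat's code): a Prisma-style middleware that pins
// every query on tenant-owned models to the caller's agencyId, so a bug in a
// route handler cannot widen a query across agencies.
// Model names are assumed; each would carry an agencyId column in the schema.
const TENANT_MODELS = new Set(["Chat", "Message", "CreatorProfile"]);

// findUnique/update/delete accept only unique keys in `where`, so they cannot
// carry the tenant filter: map the reads to filterable forms, refuse the writes.
const TO_FILTERABLE = {
  findUnique: "findFirst",
  findUniqueOrThrow: "findFirstOrThrow",
};
const REFUSED = new Set(["update", "delete", "upsert"]);

// Pure rewrite of Prisma middleware params ({ model, action, args }).
// Throws rather than letting an unscoped query through (fail closed).
function scopeToAgency(agencyId, params) {
  if (typeof agencyId !== "string" || agencyId === "") {
    throw new Error(`tenant context missing for ${params.model}.${params.action}`);
  }
  if (!TENANT_MODELS.has(params.model)) return params; // global tables, e.g. plans
  const args = { ...(params.args || {}) };
  let action = params.action;
  if (action === "create") {
    // The server stamps the tenant; a client-supplied agencyId is overwritten.
    args.data = { ...(args.data || {}), agencyId };
  } else if (action === "createMany") {
    args.data = (args.data || []).map((row) => ({ ...row, agencyId }));
  } else if (REFUSED.has(action)) {
    throw new Error(`${action} on ${params.model} bypasses tenant scoping; use the *Many form`);
  } else {
    action = TO_FILTERABLE[action] || action;
    // AND rather than object spread: a caller's own `agencyId` cannot override ours,
    // and a mismatched one simply matches zero rows.
    args.where = { AND: [args.where || {}, { agencyId }] };
  }
  return { ...params, action, args };
}

// Wire-up as a Prisma middleware: prisma.$use(tenantScope(agencyIdFromSession)).
function tenantScope(agencyId) {
  return (params, next) => next(scopeToAgency(agencyId, params));
}
```

Because `$use` is registered once per client, the agencyId has to be read from the authenticated session at call time (for example via AsyncLocalStorage) rather than captured at startup.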
TLS 1.2+ enforced on all connections. HSTS headers with includeSubDomains. OCSP stapling enabled.
Database storage uses encrypted volumes. Session tokens, OAuth secrets, and 2FA seeds are stored securely.
All data is processed and stored on UK-based servers managed by TekSpert Ltd. No data leaves UK jurisdiction.
Passwords are hashed with argon2id using OWASP 2024 recommended parameters. No bcrypt, no SHA-256.
TOTP-based 2FA mandatory for all agency owners and super admins. Optional for admins and managers.
Double-submit cookie pattern protects state-changing requests against CSRF. All API routes validate X-Requested-With headers.
Strict CSP with nonces on all authenticated surfaces. Prevents XSS, clickjacking, and code injection.
Redis-backed token bucket rate limiting on all endpoints. Auth: 5 attempts/15min/IP. Messages: 30/min/identity.
Every uploaded file is scanned with ClamAV before being made accessible. MIME types validated by magic-byte sniffing.
HTTP-only, Secure, SameSite=Lax cookies. Server-side sessions backed by Redis with 30-day rolling expiry.
Zod schemas at every API boundary. All schemas reject unknown keys. No unvalidated input reaches the database.
TekSpert Ltd is the platform Data Controller. Each agency is the Data Controller for its own creator data, with TekSpert as the Data Processor. This is formalised in our Data Processing Agreement.
Creators can export their own messages and profile data directly from the creator app's Profile screen.
When a creator is removed and requests deletion, message content is hard-deleted after 30 days, avatar caches are purged, and TikTok tokens are revoked.
Messages are retained as long as the chat exists. Chats are retained as long as the agency exists. Agencies are retained for 14 days after cancellation, then hard-deleted.