Security & trust

Built to protect your brand — and your customers’ data.

cobay talks to your customers with your name on it. So it’s grounded in your real data, speaks in your voice, and hands off when it’s unsure — and the data behind it is encrypted, isolated, and kept only as long as it’s needed.

The three guarantees

A confident, wrong answer costs you a customer. cobay is built so that never happens.

Grounded — it never invents

Answers come from your real Shopify catalog, prices, inventory, and policies. No made-up orders, no imaginary stock, no guessed refund rules. If it isn’t in your data, cobay doesn’t say it.

Your voice, your rules

cobay speaks in your brand’s tone and follows your policies — the ones you set. It stays on-brand and inside the lines you draw, every conversation.

Knows when to hand off

Low confidence, a sensitive request, or an upset customer? cobay routes to a human cleanly, with the full context attached. It won’t bluff its way through.

Data handling

Your customers’ data, handled the way you’d handle it yourself.

Concrete practices, not vague promises. Here’s exactly how cobay treats the data it touches.

Encrypted in transit and at rest

Every connection uses TLS. Data stored on our behalf is encrypted at rest by our infrastructure providers. Nothing travels or sits in the clear.

Tenant isolation with row-level security

Every store’s data is separated at the database layer with PostgreSQL row-level security. One brand can never see another brand’s customers, orders, or conversations.

Minimal retention

Live order and inventory data is read from Shopify on demand and cached for roughly 60 seconds — not stored long-term. cobay keeps the conversation memory it needs to help your customers, and no more.

Least-privilege access

cobay requests only the Shopify scopes it needs to sell and support. Internal access to production data is limited to the people who need it, and logged.

Documented incident response

We have a written incident-response plan: detect, contain, notify. If something affecting your data ever happens, you hear from us — quickly and honestly.

Clear terms, in writing

How we handle data is spelled out in our Privacy Policy and Data Processing Agreement — not buried. Read them before you connect your store.

Read the details for yourself — our Privacy Policy and Data Processing Agreement.

Subprocessors

The companies we trust to run cobay.

cobay is built on a small, deliberate set of infrastructure providers. Here’s who they are and what each one does with data on our behalf.

SubprocessorWhat it does
AnthropicAI models that power the agent’s reasoning and replies.
OpenAIAI models and embeddings for understanding and search.
SupabaseManaged Postgres database, auth, and row-level tenant isolation.
VercelApplication hosting, edge delivery, and the marketing site.
UpstashRate limiting and short-lived caching of live store data.
ShopifyYour store’s catalog, orders, and customer data — the source of truth.
SentryError monitoring so we catch and fix problems fast.
PostHogProduct analytics to understand and improve how cobay is used.

We keep this list current. When we add or change a subprocessor, it’s reflected here.

Honest by default

We’ll tell you what we do — and what we don’t.

cobay is an early-stage company building for the long run. We’d rather earn your trust with the truth than lose it with a badge we haven’t earned. As we grow, our security program grows with us — and we’ll say so here when it does.

  • We don’t claim certifications we don’t hold. No fake SOC 2 badge, no borrowed logos.
  • We tell you exactly which providers touch your data, and what each one does.
  • We keep data for as long as it’s useful to your customers — then it goes.
  • If something goes wrong, you’ll hear it from us, in plain English, fast.

Grounded, on-brand, and safe with your data.

Add cobay to your store and see it work — encryption, tenant isolation, and honest AI, from the first conversation.