Security & privacy
How Opsfly handles your data, encryption, access controls, and customer privacy.
Overview
Opsfly handles sensitive business and customer data. This page describes how that data is stored, protected, and controlled.
In summary: all data is encrypted at rest and in transit. Customer conversation data is stored in isolated per-workspace databases. No conversation data is used to train shared AI models. You can export or delete your data at any time.
How it works
All API communication uses TLS 1.2 or higher. Data at rest is encrypted using AES-256. Platform credentials (Facebook tokens, WhatsApp API keys) are stored in an encrypted secrets vault and never exposed in Builder or Console UI. Access control is role-based — you can invite team members with read-only or full access.
💡 Tip: Enable two-factor authentication on your Opsfly account and on the Facebook Business Manager account connected to your workspace. These are the two most common entry points for unauthorized access.
Step by step
Prerequisites
- No special setup required. Security measures are applied by default to all workspaces.
Configuration
To manage team access: Builder → Settings → Team. To rotate API keys: Builder → Settings → API Keys → Regenerate. To request a full data export: contact opsfly@infai.xyz with your workspace ID. To delete your workspace and all associated data: contact opsfly@infai.xyz — deletion is permanent and irreversible.
Next steps
If you have specific compliance requirements (GDPR, data residency, etc.), contact opsfly@infai.xyz to discuss Enterprise options.