> For the complete documentation index, see [llms.txt](https://docs.perisclaw.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.perisclaw.com/security-and-control/privacy-and-security.md). # Privacy & security **We obsess over security so you don't have to.** Perisclaw runs inside your WhatsApp, with access to your conversations and the tools you connect. Protecting that data is the foundation the product is built on — not an afterthought. Here is exactly how it works. ## Your data is fully isolated Every session runs in its own sealed environment. Your data is never pooled with anyone else's, and it never leaves that environment. The only thing that touches it is your own agent, acting on the instructions you give it, inside secure cloud infrastructure. No one on our team reads it, and it's never used to train any AI model. What you put in stays yours. ## Everything is encrypted From the moment you sign in, your data is encrypted into a form that's unreadable without the right key. Those keys are derived using HKDF, from a master key and a unique random value called a salt. Two things follow from this: the keys are never left sitting somewhere to be stolen, and because every user's salt is different, identical pieces of data look completely different once encrypted. Both your data and your logs are protected this way. ## We don't collect data about you Perisclaw keeps no activity logs and no telemetry on you. Nothing about what you do is quietly collected or sent back. If something ever needs debugging, the only thing that can inspect your environment is your own agent, which can trace and fix issues on request. The single exception is feedback you choose to give — which is logged and visible to you, so you always know what was sent and when. ## Your connections are guarded against attack Your agent can connect to tools like your calendar and email, and be extended with skills and plugins. Every one of those connections is also a possible way in for an attacker. The main threat is **prompt injection** — where malicious instructions are hidden inside ordinary-looking content (a message, an email, a web page) to trick your agent into acting against you. Your agent runs in a secured runtime with strict safeguards against unauthorized prompts, scripts, skills, and tool use, and we vet every skill, plugin, and connection against these attacks before it's ever allowed to run. ## We're independently tested and audited We don't rely only on our own checks. Our systems go through regular vulnerability testing, where we actively hunt for and fix weaknesses before anyone can exploit them. We also follow recognized security standards such as ISO 27001, which holds our controls to an external benchmark rather than our own judgment. ## Your data is never used to train AI Your data is never used to train AI models — ours or anyone else's. We explicitly opt out of all model training on customer data. What you put in is used only to run your assistant, and nothing more. {% hint style="success" %} Your data exists for one purpose: to make your assistant work for you. You stay in control of every connection and everything it remembers — see [Permissions & access](/security-and-control/permissions-and-access.md). {% endhint %} ## Reporting something For anything security-related, or if you notice something unusual, [contact our support team](https://api.whatsapp.com/send/?phone=919205759988\&text=Hi,%20I%20need%20some%20help%20with%20Perisclaw). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.perisclaw.com/security-and-control/privacy-and-security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.