Protect dashboard access
Use strong passwords, OAuth from trusted providers, authenticator app MFA where available, and role-based access for team members.
- Remove users who no longer work for the business
- Use business email accounts where possible
- Do not share one login across a team
- Review billing and account changes regularly
Handle customer information carefully
SIMCOAI should only receive data needed to answer, route or log the customer task. Sensitive information, especially card numbers, should not be requested or stored in AI chat or voice logs.
Escalate payment details to secure payment flows.
Avoid uploading unnecessary personal data.
Use legal pages and your own business policies to explain customer handling.
Legal acceptance gates
The dashboard can block feature access until required policy versions are accepted. This keeps business-use confirmation, privacy, cookies, AI, billing and telecoms terms tied to backend records.
Terms and policies
Required for new accounts and paid feature use.
Audit logs
Important security and compliance events are recorded.
RLS and ownership
Database access is designed around business ownership and service-role writes.
