Security & Privacy
Floe operates inside your product's browser automation environment. That position requires clear boundaries around what the agent can access, what gets stored, and how sessions are isolated. This page covers the specifics.
SOC 2 readiness
Floe's architecture is built to SOC 2 Type II standards. Certification is in progress. Enterprise customers can request our current security documentation, including architecture diagrams, data flow maps, and control descriptions, by contacting the team directly.
The controls are in place regardless of the certification timeline: encrypted data at rest and in transit, role-based access, audit logging, and isolated processing environments.
What the agent accesses
During an active session, the agent sees what's on screen. It reads the page content, interactive elements, and layout the same way a user sitting in front of the browser would. This is how it navigates your product, clicks buttons, and fills forms.
What the agent can see during a session:
- Page content visible in the browser viewport
- Interactive elements (buttons, inputs, links, menus)
- Text content on the current page
- Navigation structure and URL paths
What the agent never accesses:
- User passwords or authentication tokens
- Payment card numbers, bank details, or billing credentials
- Browser cookies or local storage from your application
- Data from other browser tabs or applications
- Your product's database or backend systems (unless you explicitly enable API execution)
- Content on screens the user has not navigated to
The distinction matters: the agent works at the browser UI layer, not the application layer. It cannot read anything your UI doesn't render on screen.
What gets stored
Floe stores session data to power replays, analytics, and product insights in the dashboard.
Stored after each session:
- Session recordings: A visual record of what happened during the session, used for replay in the dashboard
- Transcripts: The full voice and text conversation between the user and the agent
- Session metadata: Duration, pages visited, actions taken, timestamps
- Agent decisions: What the agent chose to do and why (used for debugging and quality improvements)
Never stored:
- User passwords entered during sessions
- Payment information visible on screen (redacted from recordings)
- Raw authentication tokens
- Data from pages outside the active session
Session recordings are retained for 90 days by default. Enterprise customers can configure custom retention periods.
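To make the "redacted from recordings" item above concrete, here is an added example of the kind of check a storage pipeline can apply to transcript text before it is written. This is illustration code, not Floe's implementation: the candidate pattern, the Luhn checksum filter, the masked token format and the sample transcript lines are all assumptions constructed for this example.

```python
import re

# Candidate card numbers: 13 to 19 digits, optionally separated by spaces or dashes.
# Constructed for this example; Floe's own redaction rules are not published here.
_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum.

    Used to separate real card numbers from order or ticket numbers that
    merely look card-like, so redaction does not destroy harmless context.
    """
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact_card_numbers(text: str) -> tuple[str, int]:
    """Replace Luhn-valid card numbers with a masked token keeping the last four digits.

    Returns (redacted_text, number_of_redactions).
    """
    count = 0

    def _mask(match: re.Match) -> str:
        nonlocal count
        digits = re.sub(r"[ -]", "", match.group(0))
        if not luhn_ok(digits):
            return match.group(0)  # leave non-card digit runs untouched
        count += 1
        return "[CARD ****" + digits[-4:] + "]"

    return _CANDIDATE.sub(_mask, text), count


def redact_transcript(lines: list[str]) -> tuple[list[str], int]:
    """Redact every line of a transcript; returns (clean_lines, total_redactions)."""
    clean, total = [], 0
    for line in lines:
        redacted, n = redact_card_numbers(line)
        clean.append(redacted)
        total += n
    return clean, total


# Constructed sample transcript (not a real session): one real-looking test PAN
# and one order number that has sixteen digits but fails the Luhn check.
TRANSCRIPT = [
    "user: my card is 4111 1111 1111 1111, can you update billing?",
    "agent: I can't take card details here; please use the billing form.",
    "user: order 1234-5678-9012-3456 still shows as pending",
]

if __name__ == "__main__":
    for line in redact_transcript(TRANSCRIPT)[0]:
        print(line)
```

Running the block prints the transcript with the card number masked and the order number left intact; the Luhn filter is what keeps the second case readable, which matters when the same transcripts feed the agent decision logs described in the next section.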
Browser session isolation
Each Floe session runs in its own isolated context. Sessions do not share state, memory, or data with each other. When a session ends, the agent's working memory for that session is cleared.
For the demo agent, each demo runs in a dedicated browser instance. One prospect's demo has zero visibility into another prospect's session. The browser instance is destroyed after the demo ends.
For the in-product agent, the overlay runs within the user's own browser tab. It does not open background connections to other users' sessions or share context across users. The overlay's Shadow DOM container keeps its markup and styles separate from your product's DOM, so neither side's elements or CSS leak into the other.
No persistent access exists outside of active sessions. When the user closes the overlay or the session ends, the agent stops processing. It does not monitor the page in the background, track user behavior between sessions, or maintain a persistent connection.
GDPR compliance
Floe supports GDPR requirements across several areas. Learn more about how it works at the architecture level.
Consent for voice recording: Voice sessions require user consent before recording begins. The SDK presents a consent prompt that you can customize. No audio is captured or transmitted until the user explicitly agrees. Text-based interaction is available as an alternative that does not require voice consent.
Data deletion: Users can request deletion of their session data. Submit deletion requests through the dashboard or via the API. Deletion covers session recordings, transcripts, and all associated metadata. Deletion is processed within 30 days per GDPR requirements.
Data portability: Session data can be exported in standard formats for portability requests.
Processing location: Data is processed and stored in SOC 2-compliant cloud infrastructure. Enterprise customers can specify regional data residency requirements.
Right to explanation: Because the agent's decisions are logged (what it chose to do and why), you can provide users with clear explanations of how the AI interacted with their data during any session.
Enterprise security controls
Enterprise plans include additional controls for organizations with stricter requirements.
Single sign-on (SSO): Connect your identity provider for dashboard access. Supports SAML 2.0 and OIDC. Your team logs in through your existing SSO flow instead of separate credentials.
Audit logs: Every action in the dashboard is logged: who did what, when, and from which IP. This includes site configuration changes, session replays, capability edits, and API execution settings. Logs are exportable and retained for 12 months.
Dedicated instances: For organizations that require full isolation, Floe can run on dedicated infrastructure. Your data never shares resources with other customers. This includes separate compute, storage, and network boundaries.
IP allowlisting: Restrict dashboard access to specific IP ranges. Useful for teams that require all admin access to originate from a corporate network or VPN.
Custom data retention: Configure how long session recordings, transcripts, and analytics are retained. Set different retention periods for different data types based on your compliance requirements.
Responsible AI practices
The agent is grounded in your product's content. It does not generate information beyond what it learned from your ingested documentation and explored screens. When the agent doesn't know something, it says so rather than guessing.
Session recordings and transcripts are used to improve the agent's performance for your specific product via session intelligence. They are not used to train models for other customers. Your data stays yours.
FAQ
Can I disable session recording entirely? Yes. Session recording can be turned off in site settings. The agent still functions, but you lose replay and transcript capabilities in the dashboard.
Does the agent work with products behind authentication? Yes. For demos, the agent uses credentials you provide in the site configuration. For in-product onboarding, the user is already logged in and the overlay operates within their authenticated session.
What happens if a user shares sensitive information during a voice session? Transcripts are stored with your configured retention policy. If a user inadvertently shares sensitive information, you can delete that specific session's data through the dashboard.
Where can I find more details? Check the FAQ for additional questions about how Floe works. Enterprise customers can request a full security review with the team.