Zero Servers. Minimal Attack Surface.
Built on Cloudflare’s global edge network. A serverless architecture removes whole classes of risk — no host OS or VMs to patch, no exposed database ports — and every layer is covered by the controls described below.
Serverless by Design
A serverless architecture removes whole classes of risk — no host OS to patch, no VMs or containers to misconfigure, no exposed database ports. Application logic runs in isolated Cloudflare Workers sandboxes.
Zero-Server Architecture
One Dash Zero runs entirely on Cloudflare Workers — serverless edge computing. No servers, VMs, or containers to hack, patch, or misconfigure. All code runs in isolated V8 sandboxes with zero shared state.
Global Edge Network
Protected by enterprise-grade DDoS mitigation, Web Application Firewall, and a global edge network spanning 300+ data centers worldwide.
Encrypted Database
Data is stored in Cloudflare D1, encrypted at rest. No exposed database ports and no direct internet access to the database.
Every Byte, Encrypted
TLS 1.3 everywhere — All data in transit is encrypted. There are no unencrypted connections, no exceptions.
Processed on Cloudflare Workers, not traditional servers — Your data is processed by One Dash Zero application logic running on Cloudflare Workers. There are no traditional servers or VMs in the path, but all processing happens under the controls described on this page: TLS 1.3 in transit, encryption at rest, field-level encryption of connected credentials, and tenant-scoped access.
Field-level encryption at rest — Beyond Cloudflare’s platform encryption of the database, the third-party credentials you connect (e-commerce, CRM, calendar, and webhook tokens) are encrypted field-by-field with AES-256-GCM before they reach the database, using a key held as a Worker secret separate from the database. Platform API keys are stored as encrypted Cloudflare Worker secrets, never in source code. Backups use the same encryption.
Encrypted at rest
Field-level credential encryption
Authentication & Access Control
No Passwords Stored
Login uses one-time email verification codes, completely eliminating the risk of password database breaches. Nothing to leak, nothing to crack.
Secure Sessions
Session cookies use HttpOnly, Secure, and SameSite=Strict flags to prevent interception and cross-site attacks. Sessions expire automatically.
Tenant Isolation
Each account can only access its own data through authenticated, session-scoped API calls. Isolation is covered by an automated test suite (Playwright tenant-isolation tests) that runs on changes.
Sign-in uses email one-time codes — there are no passwords to breach, and every login requires access to your email account. Two-factor authentication via authenticator app (TOTP) is available.
Administrative audit trail — administrative actions such as account changes, agent deletions, and access-token issuance are recorded to an append-only audit log; entries are never overwritten.
AI & Voice Processing
How your calls and chats are processed — and who processes them.
🤖 Voice Calls
Processed through ElevenLabs (voice AI) and Twilio (telephony — SOC 2, HIPAA-eligible, PCI DSS). Inbound post-call webhooks are HMAC-signature-verified (rejected fail-closed on a missing or invalid signature), and each agent’s tool callbacks authenticate with a per-agent encrypted credential — so one tenant’s agent cannot invoke another tenant’s tools.
🛡️ Prompt-Injection Resistance
Every voice and chat agent runs a hardened system-prompt block (“Scope & Integrity”) that refuses jailbreak attempts — word-substitution, letter and homophone games, and code-word tricks — while still allowing legitimate read-backs of a caller’s name, phone, email, or booking code. Shipped across all agents, on both phone and web surfaces.
💬 Chat & Text AI
Powered by Anthropic’s Claude (SOC 2 Type II). Conversations are processed in real time and, per Anthropic’s commercial terms, are not used to train models. ElevenLabs voice processing is governed by its vendor terms.
🎤 Call Recordings
Disabled by default. When enabled, recordings are stored securely and accessible only to the account owner. Configurable retention periods.
These are real, shipped controls — not a claim of comprehensive AI safety. We continue to harden agent behavior as the threat landscape evolves.
Payment Security
Stripe handles all payment data. One Dash Zero never sees, processes, or stores credit card numbers. All payment processing is handled by Stripe, a PCI Level 1 certified payment processor.
Subscription management, billing, and refunds are processed entirely through Stripe’s secure infrastructure. No financial data ever touches our systems.
Subprocessors
The third parties that process data on our behalf.
| Vendor | Purpose | Data categories | Region | Certifications / DPA |
|---|---|---|---|---|
| Cloudflare | Compute, database (D1), storage, CDN/DDoS | All customer data, at rest & in transit | US (global edge) | SOC 2 Type II, ISO 27001, PCI DSS |
| Anthropic (Claude) | LLM — chat & content | Chat messages, business profile, agent prompts | US | SOC 2 Type II; no training on API data (commercial terms) |
| ElevenLabs | Voice AI (phone & web) | Call audio, transcripts, agent config | US | DPA available; see vendor terms |
| Twilio | Telephony, SMS, WhatsApp | Phone numbers, message bodies, recording URLs | US | SOC 2, HIPAA-eligible, PCI DSS |
| SendLayer | Transactional email | Recipient email & name, message body | US | TLS; DPA per vendor |
| Stripe | Payments, subscriptions | Billing references (no card numbers) | US | PCI DSS Level 1, SOC 2 |
| OpenAI | Image generation (gpt-image-2) — optional feature, not in the core receptionist data flow | Operator-typed text prompts only | US | API data not used for training (per vendor) |
| Google Places | Business address lookup | Business search text queries | US | Google Cloud terms / DPA |
| Google Calendar | Appointment booking | Event subjects/times, attendee emails | US | Google Workspace terms / DPA |
| Microsoft Graph (Outlook) | Appointment booking | Event subjects/times/locations | US | Microsoft terms / DPA |
| Cal.com | Appointment availability | Bookings by date range | US | Vendor terms / DPA |
| Meta (Facebook/Instagram) | Messenger/IG inbound, social publishing | Inbound message text, page post content | US | Meta platform terms |
| Apple (APNs) | Push notifications (iOS) | Device push tokens, notification payloads | US | Apple Developer terms / DPA |
Region reflects each subprocessor’s primary jurisdiction. One Dash Zero stores customer data within North America (primarily the United States); some subprocessors are global providers and may process data through infrastructure outside the region in the course of delivering their service. Retell AI is no longer used (voice is ElevenLabs). Northwest Registered Agent is a corporate registered agent, not a data subprocessor.
Compliance & Privacy
Privacy Rights
We support data subject requests — access, deletion, and correction — for California (CCPA/CPRA) and EU/UK (GDPR) residents. See our data deletion process below.
Data Deletion
Account data is retained while your account is active. Deletion requests are currently handled manually, case by case — a self-serve erasure workflow is in development. Production data is removed on request; encrypted backups age out on the normal rotation (7-day rolling dumps, 30-day weekly snapshots) and are then deleted automatically.
Transparency
Our Privacy Policy and Terms of Service detail exactly what data we collect and how it is used. No fine print, no surprises.
Have Security Questions?
We’re happy to answer any security questions, provide additional documentation, or discuss your compliance requirements.
Responsible disclosure — Security researchers can report vulnerabilities to security@onedashzero.ai; we acknowledge reports and remediate. See our security.txt.
security@onedashzero.ai · +1 (762) GET-DASH
