Resource

Your company data stays yours.

Botchi is built so business AI agents can use knowledge and tools without turning them into uncontrolled access. Encryption, account-owned credentials, approvals and auditability stay in the same workspace.

Audit trail

Acme workspace

08:00:02run.startsales-agent · scheduledattributed
08:00:03kms.decryptknowledge/pricing.mdaccount key
08:00:05grant.checkgmail.readInboxallowed
08:00:11tool.rungmail.readInbox · 18 messagesok
08:00:41approval.grantedgmail.sendEmail · Marta (owner)approved
08:00:58run.completeoutput encrypted · cost loggedsealed

Knowledge

encrypted

Training

never

This run

sealed

Control Stack

Security is layered around the account.

Envelope encryption

Company knowledge, files and credentials are encrypted per account with AWS KMS.

Never training data

Knowledge, files and conversations are not used to train AI models.

Zero data retention

Prompts and outputs are not retained by model providers beyond what you choose to store.

Account credentials

Tools use credentials owned by the account and scoped per agent, not a member's personal login.

Approval gates

Sensitive tools can require a human OK before an agent sends, edits or pays.

Audit and deletion

Agent activity is logged, and account data can be exported or permanently deleted.

Risk to control

The failure mode is uncontrolled access. The answer is scoped delegation.

01

A teammate connects a personal login to an agent.

Botchi uses account-owned credential bindings for business tools.

02

An agent has broad tool access it does not need.

Each agent receives scoped knowledge, tools and approval policies.

03

Sensitive work happens without a human decision.

Tool actions can be ask-first, read-only, automatic or off.

04

Nobody can explain what an agent did later.

Runs, actions and costs stay reviewable in account history.

FAQ

Questions security reviewers ask first.

How does Botchi protect company knowledge?

Botchi stores company knowledge inside the account boundary and encrypts sensitive account data per account. Agents can use only the knowledge they are granted.

Are company files used to train AI models?

No. Company knowledge, files and conversations are never used to train AI models.

Can teams require approval before an agent acts?

Yes. Tool policies can require a human approval before sensitive actions such as sending, editing or paying.

Who owns connected tool credentials?

Business tool credentials are account-owned and scoped through bindings, rather than relying on a member's personal OAuth token.