Security & Trust

For IT, security, and network administrators reviewing Docently.

The short version: the Docently widget is one small first-party script that loads no third-party code, sets no cookies, stores nothing in the browser, and — from the visitor's browser — talks only to the Docently chat endpoint. To allowlist it on a content filter you only need *.docently.org.

What loads on your page

A single JavaScript bundle (widget.v1.js) served from a Docently origin. It is built from a small UI framework only — it loads no third-party scripts, fonts, analytics, tag managers, or CDNs, and pulls in no external CSS. The widget renders entirely inside a Shadow DOM, so it cannot read or modify your page's DOM, forms, or cookies.

Where data goes

From the visitor's browser, the only network request the widget makes is to the Docently chat endpoint you embed. It does not call our AI or database providers from the browser — that processing is server-to-server from Docently's backend. What leaves the browser is: the visitor's typed question, the recent in-tab message history, and a per-visit session identifier.

Cookies, storage, tracking, permissions

Content Security Policy

The widget is compatible with a strict CSP. Allow the Docently origin in script-src and connect-src. Because the widget injects its scoped styles as an inline <style> element into its own Shadow DOM, style-src must permit inline styles ('unsafe-inline' or a style hash). The widget uses no eval/unsafe-eval.
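
The following is an added example, not Docently's own code: it builds the Content-Security-Policy value described above, once pinning the inline style by hash and once falling back to 'unsafe-inline', and parses the result back for checking. The 'self' entries (standing for the host page's own resources), the function names, and the sample CSS string are assumptions; the real style text has to be taken from the deployed widget.

```python
import base64
import hashlib

# Source expression for the widget, taken from the domain this page names.
DOCENTLY_SRC = "https://*.docently.org"

# Constructed stand-in for the widget's inline <style> text. The real CSS is
# not shown on this page; copy it byte-for-byte from the deployed widget.
SAMPLE_WIDGET_CSS = ":host{all:initial}.panel{font:14px sans-serif}"


def style_hash(css):
    """Return the CSP hash source for the exact text of an inline <style>."""
    digest = hashlib.sha256(css.encode("utf-8")).digest()
    return "'sha256-" + base64.b64encode(digest).decode("ascii") + "'"


def build_csp(style_css=None):
    """Build a policy that admits the host page itself plus the widget.

    With style_css, style-src pins that one inline style by hash;
    without it, style-src falls back to 'unsafe-inline'.
    """
    inline = style_hash(style_css) if style_css is not None else "'unsafe-inline'"
    directives = {
        "default-src": ["'self'"],             # assumption: host page baseline
        "script-src": ["'self'", DOCENTLY_SRC],   # widget.v1.js
        "connect-src": ["'self'", DOCENTLY_SRC],  # chat endpoint requests
        "style-src": ["'self'", inline],          # inline <style> in Shadow DOM
    }
    return "; ".join(f"{name} {' '.join(srcs)}" for name, srcs in directives.items())


def parse_csp(policy):
    """Split a policy into {directive: [sources]}; first duplicate wins."""
    parsed = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            parsed.setdefault(tokens[0].lower(), tokens[1:])
    return parsed


if __name__ == "__main__":
    print("Content-Security-Policy:", build_csp(SAMPLE_WIDGET_CSS))
    print("Content-Security-Policy:", build_csp())
```

Use one style option or the other: browsers ignore 'unsafe-inline' in a directive that also carries a hash or nonce. A hash matches only the exact style text, so it has to be recomputed whenever that text changes.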

Allowlisting on managed networks

Docently products run under *.docently.org. To ensure the assistant works on networks behind a content filter, allowlist that domain on your web filter (e.g., Cisco Umbrella, Securly, Lightspeed, GoGuardian, iBoss). The domain is categorized as business/technology; contact us if your filter shows it otherwise and we will request a re-categorization.

Application security

Data handling & retention

Conversation logs are retained up to 30 days, then automatically deleted. AI requests are processed under commercial terms that do not use content to train models. A Data Processing Agreement is available to customers — contact privacy@docently.org. See our Privacy Policy for full detail.

Reporting a vulnerability

We welcome responsible disclosure. Email security@docently.org with details and we will respond promptly. Please do not test against live customer sites without coordination.