Documentation
Trust Center Q&A widget
An optional public chatbot on /trust/<slug> that answers questions from your published documents — and tells you what prospects are asking.
Last updated May 10, 2026
Trust Center Q&A is a separate, public-facing chatbot you can opt in
to under Settings → Trust Q&A. When enabled, every visitor to your
public trust center sees an "Ask {tenant} anything" launcher in the
bottom-right corner. The widget answers strictly from your published
documents, with citations back to the section it pulled from.
This is the feature that automates security questionnaires.
What the widget can answer
- Anything covered in your published Privacy Policy, DPA, AI Trust Center, OSS Attribution, or SOC 2 Readiness pack.
- Cross-document questions ("where do you store data and which AI vendors process it?") since all five docs are in the retrieval pool.
What it refuses
- Anything not in your published docs. The model is instructed to say so plainly and offer a human follow-up.
- Anything that looks like an attempt to extract internal workspace data — only published doc content is in scope.
- Off-topic chat (the system prompt restricts to privacy / security / AI / OSS / SOC 2 questions).
How retrieval works
Same engine as the in-product assistant, with the section pool
restricted to one tenant's published versions. Heading, keyword, and
phrase scoring; 3.5 KB of section content per answer; citations
rendered as clickable section anchors.
If retrieval finds zero relevant sections, the widget responds with:
I can only answer from this company's published trust-center documents, and I couldn't find anything relevant to your question. The team has been notified — they may follow up if you provided an email.
…and the question still gets captured to your dashboard so you know what FAQ gap to fill.
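The retrieval step described above, written out as an added example. This is not Attestly's code: the Section shape, the sample sections, the stopword list and the 3/2/1 weighting of heading, phrase and keyword hits are constructed for illustration, and it assumes a section that would overflow the 3.5 KB budget is skipped rather than truncated. What it does show is the part that matters for scope: only one tenant's sections with status = published ever enter the pool, and a zero-hit query yields the fixed refusal instead of an improvised answer.

```python
import re
from dataclasses import dataclass

CONTENT_BUDGET_BYTES = 3_500   # the page's "3.5 KB of section content per answer"
FALLBACK = ("I can only answer from this company's published trust-center "
            "documents, and I couldn't find anything relevant to your question.")
# Words that carry no retrieval signal (constructed list, not the product's).
STOPWORDS = {"a", "an", "and", "are", "do", "does", "how", "in", "is", "it", "of",
             "or", "the", "to", "what", "where", "which", "who", "you", "your"}
_WORD = re.compile(r"[a-z0-9]+")


@dataclass(frozen=True)
class Section:
    tenant: str
    doc: str       # e.g. "dpa", "ai-trust"
    version: int
    status: str    # only "published" versions are eligible
    anchor: str    # rendered as the clickable citation
    heading: str
    body: str


# Constructed sample pool: one tenant with a draft mixed in, plus a second tenant.
POOL = [
    Section("acme", "dpa", 3, "published", "dpa-v3#data-location", "Data location",
            "Customer data is stored in EU (Frankfurt) and US (Virginia) regions."),
    Section("acme", "dpa", 4, "draft", "dpa-v4#data-location", "Data location",
            "Customer data is stored in EU, US and APAC regions."),
    Section("acme", "ai-trust", 1, "published", "ai-v1#subprocessors", "AI subprocessors",
            "Model inference is processed by two AI vendors under DPA terms."),
    Section("other", "dpa", 1, "published", "dpa-v1#data-location", "Data location",
            "Data is stored in Canada."),
]


def tokens(text: str) -> list[str]:
    return [t for t in _WORD.findall(text.lower()) if t not in STOPWORDS]


def score(section: Section, question: str) -> int:
    """Heading hits weigh 3, adjacent-word phrase hits 2, lone keyword hits 1 (constructed weights)."""
    q = tokens(question)
    q_set = set(q)
    body = tokens(section.body)
    heading_hits = len(q_set & set(tokens(section.heading)))
    keyword_hits = len(q_set & set(body))
    body_text = " ".join(body)
    phrase_hits = sum(1 for a, b in zip(q, q[1:]) if f"{a} {b}" in body_text)
    return 3 * heading_hits + 2 * phrase_hits + keyword_hits


def retrieve(tenant: str, question: str, pool: list[Section] = POOL) -> list[Section]:
    """Rank one tenant's published sections and pack the best into the byte budget."""
    eligible = [s for s in pool if s.tenant == tenant and s.status == "published"]
    ranked = sorted(eligible, key=lambda s: score(s, question), reverse=True)
    chosen, used = [], 0
    for s in ranked:
        if score(s, question) == 0:
            break                 # everything after this scores zero too
        size = len(s.body.encode("utf-8"))
        if used + size > CONTENT_BUDGET_BYTES:
            continue              # assumption: oversized sections are skipped, not truncated
        chosen.append(s)
        used += size
    return chosen


def answer_context(tenant: str, question: str, pool: list[Section] = POOL) -> dict:
    """What the widget hands the model: cited section text, or the fixed refusal."""
    hits = retrieve(tenant, question, pool)
    if not hits:
        return {"fallback": True, "context": FALLBACK, "citations": []}
    return {
        "fallback": False,
        "context": "\n\n".join(f"[{s.heading}] {s.body}" for s in hits),
        "citations": [s.anchor for s in hits],
    }
```

Running `answer_context("acme", "where do you store data and which AI vendors process it?")` cites both the DPA and AI Trust Center sections (the cross-document case from the list above), never the draft DPA v4 and never the other tenant's section; a question with no lexical overlap returns the fallback with an empty citation list, which is the signal the dashboard uses to record a FAQ gap.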
Captured questions
Every question lands in Settings → Trust Q&A → Recent prospect questions. For each entry you see:
- The redacted question (PII stripped before storage).
- A preview of the answer the bot returned (or "no matching content" if retrieval failed).
- The optional prospect email and company, if they filled them in.
- Timestamp.
This feed is the most useful thing about the widget. If three prospects in a week asked about EU data residency and your DPA doesn't cover it, that's a documentation TODO.
Email capture (optional)
The widget can show an "optional follow-up" form below the input that
collects an email + company. Toggle this under Settings → Trust Q&A → Show optional "Get a human follow-up" email capture. When off,
no capture form is rendered and prospect_email stays null on
captured rows.
Hard limits
- Off by default. No tenant has the widget on until you flip the toggle.
- IP rate limit: five questions per minute per IP. This is enough for legitimate prospect use and blocks accidental abuse.
- Plan budget: Trust Q&A messages count against a separate monthly budget (PLAN_TRUST_QNA_BUDGETS — currently Free 0, Starter 0, Growth 500, Scale 5,000, Enterprise unlimited). When the budget is exhausted the widget responds with a "this trust center is at capacity" message and stops invoking the LLM.
- Doc content only. No workspace counts, no scan findings, no draft documents. Only versions with status = published are in the retrieval pool.
- PII redaction built in. Each question is redacted before the LLM call, so a prospect who pastes their own personal data won't pipe it to the model.
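An added example, not Attestly's code, of the request gate implied by the hard limits above and by the Captured questions section: rate limit first, then the plan budget, then PII redaction, then the model call, and only after that a capture row in which prospect_email stays null when email capture is off. The budget figures are the ones documented on this page; the sliding-window limiter, the email and phone redaction patterns, the "at capacity" wording, the capture-row shape and the injectable `llm` and `clock` callables are constructed for illustration.

```python
import re
import time
from collections import defaultdict, deque

# Budget figures as documented above; None means unlimited.
PLAN_TRUST_QNA_BUDGETS = {"free": 0, "starter": 0, "growth": 500,
                          "scale": 5_000, "enterprise": None}
RATE_LIMIT = 5        # questions ...
RATE_WINDOW_S = 60    # ... per IP per minute
AT_CAPACITY = "This trust center is at capacity."   # wording is illustrative

# Constructed redaction patterns; a real redactor would cover more PII classes.
_EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
_PHONE = re.compile(r"\+?\d[\d\s().-]{7,}\d")


def redact(text: str) -> str:
    """Strip PII before the question is stored or sent to the model."""
    return _PHONE.sub("[phone]", _EMAIL.sub("[email]", text))


class TrustQnaGate:
    """Per-tenant request gate: rate limit -> plan budget -> redact -> model -> capture."""

    def __init__(self, plan: str, capture_enabled: bool, clock=time.monotonic):
        self.budget = PLAN_TRUST_QNA_BUDGETS[plan]
        self.used = 0                      # messages spent this month
        self.capture_enabled = capture_enabled
        self.clock = clock                 # injectable so the window can be tested
        self.hits = defaultdict(deque)     # ip -> timestamps inside the window
        self.captured = []                 # stands in for the trust_qna rows

    def _rate_limited(self, ip: str) -> bool:
        now = self.clock()
        window = self.hits[ip]
        while window and now - window[0] >= RATE_WINDOW_S:
            window.popleft()               # drop hits older than one minute
        if len(window) >= RATE_LIMIT:
            return True
        window.append(now)
        return False

    def ask(self, ip: str, question: str, llm, prospect_email=None, company=None) -> dict:
        if self._rate_limited(ip):
            return {"status": "rate_limited", "answer": None}
        if self.budget is not None and self.used >= self.budget:
            # Budget exhausted: canned message, no model call, nothing captured.
            return {"status": "at_capacity", "answer": AT_CAPACITY}
        safe_question = redact(question)   # only the redacted text goes any further
        self.used += 1
        answer = llm(safe_question)        # returns None when retrieval found nothing
        self.captured.append({
            "question": safe_question,
            "answer_preview": (answer or "no matching content")[:120],
            "prospect_email": prospect_email if self.capture_enabled else None,
            "company": company if self.capture_enabled else None,
            "ts": self.clock(),
        })
        return {"status": "ok", "answer": answer}
```

The order of the checks is the point: a rate-limited or over-budget request never reaches the redactor or the model, and the raw question text is never written anywhere, so the dashboard feed and the model only ever see the redacted form.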
Why this is the differentiator
Conventional trust-center products (SafeBase, Conveyor, Vanta Trust Center) host PDFs and questionnaire answers as static pages. Attestly already represents your trust-center artefacts as structured, versioned data, so the widget can cite exactly the section that answers a question — by document, by version, by anchor — without a human writing FAQ entries.
The result is that prospects routinely get accurate answers to questionnaire-style questions in seconds, with the receipts.
Disabling
Flip the toggle off and the widget stops rendering on the public
page on next request (cached pages refresh on the next deploy or
revalidation). Captured questions remain — delete them via the
dashboard or by purging the trust_qna rows directly.