Skip to main content
HomecareHQ is built to be careful with your data. This page explains how connected data is handled and the controls you have.
HomecareHQ is an orchestrator, not your system of record. Your connected systems stay the source of truth for their data — HomecareHQ reads a working copy to answer your questions and build dashboards, isolated to your organization. You control which data areas are turned on, and most connections are read-only for chat and dashboards today.

Where your credentials live

Vaulted, never stored by us

Credentials for connected systems are encrypted and held by our credential vault partner (Nango). HomecareHQ’s own systems never see or store them.

Least privilege

We ask only for the access needed for the features you use — and several systems are read-only.

What we read and store

  • A working copy. We sync the data areas you enable into a working copy so AskHQ can answer quickly. It’s isolated to your organization.
  • Only enabled areas. Sensitive areas (like PrismHR payroll and benefits) stay off until you opt in. Turning an area off means we simply don’t fetch it.
  • Documents = references only. For HR document features, we read the list of documents — references and metadata — never the file contents.

Isolation between organizations

Every piece of your data is scoped to your organization and protected by row-level security, so one agency’s data is never visible to another. AskHQ also respects each user’s role — people only see what they’re permitted to.

Controls you hold

Choose data areas

Enable or disable sensitive data areas per connection in Admin Settings → Integrations.

Disconnect anytime

Disconnecting a system immediately stops further access.

Role-based access

Owners and admins manage connections; what each user sees is governed by their role.

Audited activity

Data queries are recorded, so there’s a trail of what was accessed.