Team & security
TechDocChat uses Better Auth with organization plugins: members belong to a single org context per session, and APIs enforce org isolation on the server.
Roles
- Owner — billing, invites, org name, destructive actions where applicable.
- Editor — create and manage documents; cannot change billing by default.
- Viewer — read-only access to documents and chat where enabled.
Exact permissions can evolve; the Settings UI reflects what your build allows.
Invitations & seat limits
Owners send email invitations. Pending invites count toward your organization’s seat cap so you cannot exceed the plan maximum by spamming invites. Remove a member or cancel a pending invite to free a seat.
Sessions & cookies
Sessions are HTTP-only cookies scoped to the application origin. Log out from the app to clear the session; avoid sharing accounts across people—use invites instead.
Data handling (summary)
Document bytes live in object storage; metadata and embeddings live in Cloudflare-managed databases and vector indexes tied to your organization ID. See the Privacy Policy for collection and subprocessors (e.g. Stripe, email).
Admin / support access
Operational access for debugging should be rare, logged, and consistent with your agreement. Ask support for a written summary if you need enterprise-grade assurances.