MGO Support ("the Service") is an internal customer support and operations platform operated by MobileGo Bahamas Ltd. ("MobileGo", "we", "us"). The Service is provided exclusively to authorized MobileGo employees and contractors ("Users") for the purpose of managing customer support operations across MobileGo's digital payment and mobile services platform.
MobileGo provides mobile top-ups, bill payments, gift cards, and international money transfers across the Bahamas, Haiti, Jamaica, and 100+ international markets. This Service consolidates support ticket management, customer lookup, multi-channel communication, monitoring, and AI-assisted workflows into a unified command center.
Access to the Service is by invitation only. An administrator must invite you via a valid invitation link. Invitations are restricted to approved corporate email domains. Upon accepting an invitation, you are assigned one of three roles:
You are responsible for maintaining the confidentiality of your account credentials. Authentication is handled through Supabase Auth using email and password. Sessions are managed via secure, httpOnly cookies with automatic refresh.
We collect and store your email address, full name, assigned role, and account status. All actions you perform within the Service are recorded in an append-only audit log that cannot be modified or deleted.
The Service processes MobileGo customer information including names, email addresses, phone numbers, transaction history, and account tiers. Customer data originates from the MobileGo transaction platform (accessed read-only) and from direct customer interactions via support channels.
The Service processes messages and communications across multiple channels: WhatsApp, email, phone/voice, and live chat. This includes message content, delivery status, call recordings, and call transcripts. All communications are associated with support tickets for record-keeping.
Documents uploaded to the knowledge base (PDF, Word, Markdown, plain text) are processed for text extraction and semantic search. Uploaded documents are stored in Supabase Storage with a maximum file size of 200MB per document.
The Service integrates with the following third-party providers to deliver its functionality. Data shared with each provider is limited to what is necessary for the specific integration:
Sensitive data fields are encrypted at rest using AES-256-GCM authenticated encryption with random initialization vectors per record. Encryption keys are managed through environment variables secured by the deployment platform.
Role-based access control (RBAC) restricts data visibility by role. Representatives see masked phone numbers (last 4 digits only), masked email addresses (domain only), and masked account/card numbers. Managers and administrators see unmasked data. Row-level security (RLS) policies are enforced at the database level.
The Service enforces a Content Security Policy (CSP) with per-request cryptographic nonces. API routes are protected by rate limiting. Cookies are configured with httpOnly, Secure, and SameSite attributes. Webhook endpoints validate request signatures before processing.
All API inputs are validated against Zod schemas before processing. The monitoring engine restricts database queries to read-only SELECT statements with query validation and execution timeouts.
All significant actions are recorded in an append-only audit log. Log entries include the user identity, role, action performed, affected resources, query parameters, result counts, duration, and success/failure status. Authentication events (login, logout, session timeout) and system errors are also logged.
Audit log entries cannot be modified. Database triggers enforce immutability by blocking UPDATE operations on the audit log table. Entries are retained for 7 years and automatically cleaned up by an authorized retention process after the retention period.
The Service uses AI (Anthropic Claude) to generate draft responses, analyze customer intent, suggest resolutions from the knowledge base, and provide monitoring insights. AI-generated content is presented as suggestions and requires human review before being sent to customers. The Service does not automatically send AI-generated responses without agent action.
AI features depend on the availability of the Anthropic API. Service degradation or unavailability of AI features does not affect core ticket management, customer lookup, or communication capabilities.
The monitoring engine tracks MobileGo backend health including account balances, transaction success rates, and provider availability. Alerts are classified by severity (critical, high, medium, low) and delivered via dashboard notifications and push notifications.
The agent system can propose autonomous actions such as escalating tickets or suggesting refunds. Actions requiring approval are queued for manager review before execution. Auto-execute actions are limited to low-risk operations defined in the system configuration. All agent actions are recorded in the audit trail.
You agree to use the Service only for authorized MobileGo support operations. You must not:
The Service is hosted on Vercel with Supabase as the database and authentication provider. We do not guarantee specific uptime percentages. Service availability depends on the uptime of Vercel, Supabase, and integrated third-party providers (Anthropic, Deepgram, ElevenLabs, Meta, Google). API requests are subject to a 30-second timeout. We reserve the right to perform maintenance that may temporarily affect availability.
The Service is provided "as is" for internal operational use. MobileGo is not liable for losses arising from AI-generated content that is sent without proper human review, third-party service outages affecting communication channels, or delays in alert delivery. Users are responsible for verifying AI-suggested actions before execution and for following established escalation procedures for urgent customer issues.
We may update these terms as the Service evolves. Material changes will be communicated through the Service. Continued use of the Service after changes constitutes acceptance of the updated terms.
For questions about these terms or the Service, contact your system administrator or reach MobileGo support operations management.
© 2026 MobileGo Bahamas Ltd. All rights reserved.