Governed AI for Salesforce teams that need control, review, and audit.
ConvoPro lets users create and share prompt buttons inside admin-defined boundaries. Salesforce permissions control access, admins define what AI can see and do, and data-changing actions route through human review before they run.
Salesforce access
Users work through the Salesforce roles, profiles, permission sets, sharing rules, and record access your organization already manages.
Existing accessConvoPro boundaries
Admins define approved data, tools, connectors, models, actions, rollout rules, and usage visibility for prompt buttons and workflows.
Admin policyHuman review
Data-changing actions route through human review according to configured rules before they run.
Review before writeAudit visibility
Admins can review usage, review decisions, action status, and promotion paths.
Reviewable activitySecurity starts with Salesforce permissions, then adds ConvoPro boundaries.
Users move quickly inside the access and policies their organization approves. Salesforce controls record and field access. ConvoPro adds policy around prompts, tools, connectors, models, review rules, rollout, and usage visibility.
Salesforce access
Users work through the Salesforce roles, profiles, permission sets, sharing rules, and record access your organization already manages.
Existing accessConvoPro boundaries
Admins define approved data, tools, connectors, models, actions, rollout rules, and usage visibility for prompt buttons and workflows.
Admin policyHuman review
Data-changing actions route through human review according to configured rules before they run.
Review before writeAdmins define what AI can see and do.
The boundary model gives admins practical control over the data, tools, models, actions, spend, review rules, and rollout paths available to teams.
Fast for read and draft work. Reviewed when actions change data.
ConvoPro lets teams move quickly on read, summarize, classify, analyze, and draft tasks. When a prompt button creates, updates, sends, deletes, or triggers an action, configured review rules route the action to a human before it runs.
Can move quickly inside boundaries
Read, summarize, classify, analyze, extract, and draft work moves quickly when it stays inside approved access and policy.
Requires human review when configured
Create, update, send, delete, route, and trigger style work routes through human review according to configured rules before execution.
Review is tied to action risk, not to whether a prompt button can be shared.
Clear data flow for evaluation teams.
ConvoPro is designed around a clear operating path: Salesforce access first, admin-defined boundaries second, approved processing third, and human review before data-changing actions execute.
User starts in Salesforce
A user runs a prompt button, workflow, or Studio request from the Salesforce work context.
Access and boundaries are checked
The request is evaluated against Salesforce access and ConvoPro admin policy.
Approved context is processed
Approved context, instructions, and tools needed for the task move through the configured processing path.
Result returns for review or action
Read and draft results return to the user. Data-changing actions route through review before execution.
ConvoPro installs in your Salesforce org and calls approved AI models through admin-configured connectors. Detailed data flow documentation is available for evaluation teams. Security, retention, and model-provider details depend on the selected ConvoPro configuration and customer requirements.
Model and connector control without unmanaged sprawl.
Model flexibility works when admins govern providers, credentials, connectors, tools, and usage visibility. ConvoPro manages model access through approved provider configurations for Claude, OpenAI, and Google.
Approved model list
ConvoPro manages model access through approved provider configurations for Claude, OpenAI, and Google. Admins govern which provider configuration is available to each workflow.
Connector boundaries
External sources and tools are approved by admins before use in prompt buttons or workflows.
Credential control
Credentials, named connections, and integration permissions are managed by admins, not individual users.
Usage visibility
Teams track usage and spend so adoption does not become an unmanaged cost center.
See what was used, reviewed, and promoted.
Audit visibility helps answer practical questions: who used AI, what context was used, what action was proposed, who reviewed it, and what changed.

Controls evaluation teams can review.
Use this matrix to see how ConvoPro approaches common security, governance, and procurement concerns during evaluation.
Request the security packet.
Evaluation teams can request ConvoPro security documentation, architecture notes, data flow detail, and current AppExchange review status.
Current AppExchange review status and related security documentation are provided in the security packet.Security FAQ
Answers for CIOs, Salesforce admins, security reviewers, and implementation teams.
Does ConvoPro bypass Salesforce permissions?
No. ConvoPro is designed around Salesforce access first, then ConvoPro admin-defined boundaries for data, tools, models, connectors, and actions.
What actions require human review?
Data-changing actions such as create, update, send, delete, or trigger style actions route through human review according to configured rules.
Can users share prompt buttons without admin approval?
Yes. Prompt buttons can be shared inside admin-defined boundaries. Human review is tied to data-changing actions, not sharing itself.
What data leaves Salesforce?
Approved context and instructions move through the configured processing path for the task. Evaluation teams can request the current data flow documentation for their selected configuration.
Is customer data used to train AI models?
Model-training and provider-handling details are documented for the selected configuration. Evaluation teams can request the current security packet before rollout.
Does ConvoPro require Data Cloud?
ConvoPro can often start without a broad Data Cloud program for the core prompt button and governed workflow model described on this page. Final architecture depends on the workflow, data sources, and customer configuration.
Can we choose which model provider is used?
Yes. ConvoPro manages model access through approved provider configurations for Claude, OpenAI, and Google. Admins govern which provider configuration is available to each workflow from the Console.
Is AppExchange Security Review complete?
Current AppExchange review status is provided during evaluation and should be confirmed with the ConvoPro team before procurement.
What gets logged?
Audit visibility includes usage, prompt button, review decision, action status, and promotion path. Specific fields and retention behavior are documented in the security packet.
Can we limit rollout by team or role?
Yes. Rollout can be planned by team, role, workflow, and policy needs during implementation.
Does ConvoPro support SSO and MFA?
Yes. ConvoPro enforces your organization's existing single sign-on and multi-factor requirements rather than introducing a separate identity system.
Review ConvoPro with your security and Salesforce teams.
Start with the control model: Salesforce permissions, admin-defined boundaries, human review for data-changing actions, audit visibility, and documented data flow.

