Trust Center
Your data security and privacy are our top priorities
Security
Data Encryption
All data in transit is encrypted using TLS 1.3. Data at rest is encrypted using AES-256.
Authentication
Multi-factor authentication (MFA) supported. API keys are securely stored and can be rotated.
Infrastructure
Hosted on AWS with SOC 2 Type II compliance. Regular security audits and penetration testing.
Access Controls
Role-based access control (RBAC) with organization-level data isolation. Row-level security policies.
Privacy
Data Ownership
You own all your data. We never sell your data to third parties. You can export or delete your data at any time.
Data Retention
Call recordings and transcripts are retained according to your subscription plan. You can configure retention policies.
GDPR Compliance
We comply with GDPR requirements. You can request data access, correction, or deletion at any time.
CCPA Compliance
California Consumer Privacy Act (CCPA) compliant. California residents have additional privacy rights.
Compliance & Certifications
Data Storage & Location
Primary Region
Data is primarily stored in US East (N. Virginia) AWS region. EU data residency available on Enterprise plans.
Backups
Daily automated backups with point-in-time recovery. Backups are encrypted and stored in geographically distributed locations.
Disaster Recovery
Recovery Time Objective (RTO): < 4 hours. Recovery Point Objective (RPO): < 1 hour.
Incident Response
In the event of a security incident, we follow a structured incident response process:
- Detection and analysis
- Containment and mitigation
- Notification to affected customers (within 72 hours)
- Post-incident review and improvements