Security is the foundation, not the marketing.

Every bullet below is a real thing we built, not a sticker. We write this calmly because the work itself is calm.

Multi-tenant isolation

Each business has its own data slice; the repository layer prevents cross-tenant reads or writes.

Names, phone numbers and addresses are encrypted with AES-GCM before they touch the database.

Recording starts only when consent is captured. Every recording access is short-lived and audited.

Prompt-injection, jailbreak and prompt-leakage detectors run alongside cross-tenant retrieval checks.

Outgoing calls to your integrations go through an allow-list checker — no internal address slipping out.

Every privileged action is recorded with actor, time and reason. Nothing in the audit trail is editable.

A tenant-delete is a deliberate, reversible request — not a one-click loss.

For the legal mechanics, see our privacy policy and the data processing addendum.