Security is the foundation, not the marketing.
Every bullet below is a real thing we built, not a sticker. We write this calmly because the work itself is calm.
Per-tenant data isolation
Your tenant’s data lives in its own slice. Cross-tenant reads are blocked at the repository layer.
AES-256 encryption on every PII field
Names, phone numbers and addresses are encrypted with AES-GCM before they touch the database.
Recordings only with explicit consent
Recording is off by default. When you turn it on, callers are informed — and every playback is audited.
DPDP-aligned, audit-ready
Every privileged action is append-only logged with actor, time and reason. Show your auditor a real trail.
For the legal mechanics, see our privacy policy and the data processing addendum.