Infrastructure
- ✓SOC 2 Type II certified infrastructure (Vercel + Supabase)
- ✓Data encrypted in transit (TLS 1.2+) and at rest (AES-256)
- ✓Row-level security enforced at the database layer — not just application logic
- ✓Full tenant isolation enforced at schema level
Access Control
- ✓Role-based access: Owner, Admin, Member
- ✓SSO / SAML support for enterprise plans
- ✓Admin impersonation with full audit log
- ✓Session management with configurable expiry
Data Handling
- ✓Contact data scoped to tenant — no cross-tenant data access architecturally possible
- ✓Data residency options on Scale plan
- ✓Data export on request
- ✓Data deletion on account closure — full wipe within 30 days
Communication Compliance
- ✓CAN-SPAM and GDPR compliance tooling
- ✓STOP/UNSUBSCRIBE handling automatic across all channels — synced to CRM immediately
- ✓Sending window enforcement — agents don't send outside configured hours
- ✓DNC list management — import and enforce do-not-contact lists
Responsible AI
- ✓Agents operate within defined boundaries — no autonomous expansion of scope
- ✓All AI-generated messages reviewable in audit trail
- ✓Human escalation enforced at defined thresholds — AI cannot override
- ✓No AI training on customer data
For your security team
We provide the documentation your team needs for vendor approval and compliance review.
Security questionnaire responseData Processing Agreement (DPA)Architecture & infrastructure overviewPenetration test summary on request
Contact us