Trust & Security
Security built into the architecture, not bolted on
TorqueShift handles sensitive customer conversations at enterprise scale. SOC 2 Type II, AES-256-GCM encryption, zero-trust access control, and immutable audit logs are standard — not optional add-ons.
Certifications
SOC 2 Type II
Annual audit by an independent AICPA-accredited firm covering Security, Availability, and Confidentiality trust service criteria. Report available under NDA to enterprise customers.
ISO 27001 alignment
Information security management system aligned to ISO 27001:2022. Full certification audit scheduled for Q4 2026.
GDPR Article 32 compliance
Technical and organisational measures implemented per Article 32. Data Processing Agreement available for EU customers on request.
Data Protection
Encryption at rest
All customer data is encrypted using AES-256-GCM with per-tenant key isolation. Encryption keys are managed in Azure Key Vault or AWS Secrets Manager, not co-located with data.
Encryption in transit
TLS 1.3 enforced for all API and SignalR connections. HSTS with a 1-year max-age and includeSubDomains. No TLS 1.1 or 1.2 fallback permitted.
PII masking
Phone numbers, email addresses, credit card patterns, IBANs, and national ID numbers are detected and masked in transcripts before storage. Raw audio is retained separately per your retention policy.
Field-level encryption for sensitive records
Sensitive CRM fields (phone, email, account numbers) are encrypted at the field level using AES-256-GCM with a fresh nonce for every encryption. Plaintext never appears in database dumps.
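The two properties this section and "Encryption at rest" describe (per-tenant key isolation and a fresh GCM nonce on every encrypt) can be checked directly. The following is an added illustration in Python using the `cryptography` package; it is not TorqueShift's code. A constructed in-memory master key stands in for the KMS-held key, per-tenant data keys are derived from it with HKDF (an assumption about how isolation is achieved), and the tenant and field name are bound as associated data so a ciphertext cannot be moved to another tenant's row or another column.

```python
"""Field-level AES-256-GCM encryption with per-tenant key isolation.

Added example, not TorqueShift code. The master key would normally come from
Azure Key Vault / AWS Secrets Manager; here a constructed key stands in for it.
"""
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

NONCE_LEN = 12  # 96-bit nonce, the standard GCM nonce size

# Constructed stand-in for a KMS-held 256-bit master key (never hard-code a real one).
MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def tenant_key(master_key: bytes, tenant_id: str) -> bytes:
    """Derive a 256-bit data key for one tenant (hypothetical derivation scheme).

    Different tenant ids yield unrelated keys, so tenant A's key never
    decrypts tenant B's data even though both descend from one master key.
    """
    return HKDF(
        algorithm=hashes.SHA256(),
        length=32,
        salt=None,
        info=b"field-encryption:" + tenant_id.encode(),
    ).derive(master_key)


def encrypt_field(master_key: bytes, tenant_id: str, field_name: str, plaintext: str) -> bytes:
    """Encrypt one field value.

    A fresh random nonce is drawn on every call (nonce reuse under one GCM key
    breaks confidentiality and forgery resistance). Tenant and field names are
    authenticated as associated data, so the stored blob is only valid in the
    row and column it was written for.
    """
    nonce = os.urandom(NONCE_LEN)
    aad = f"{tenant_id}:{field_name}".encode()
    ciphertext = AESGCM(tenant_key(master_key, tenant_id)).encrypt(nonce, plaintext.encode(), aad)
    return nonce + ciphertext  # the nonce is stored with the ciphertext; it is not secret


def decrypt_field(master_key: bytes, tenant_id: str, field_name: str, blob: bytes) -> str:
    """Inverse of encrypt_field; raises InvalidTag if key, nonce, data or AAD do not match."""
    nonce, ciphertext = blob[:NONCE_LEN], blob[NONCE_LEN:]
    aad = f"{tenant_id}:{field_name}".encode()
    return AESGCM(tenant_key(master_key, tenant_id)).decrypt(nonce, ciphertext, aad).decode()


def decrypts_under(master_key: bytes, tenant_id: str, field_name: str, blob: bytes) -> bool:
    """True if the blob is accepted for the given tenant/field, False if the tag check fails."""
    try:
        decrypt_field(master_key, tenant_id, field_name, blob)
        return True
    except InvalidTag:
        return False


if __name__ == "__main__":
    # Constructed sample value (a fictional UK number range).
    blob = encrypt_field(MASTER_KEY, "tenant-a", "phone", "+44 20 7946 0000")
    print(decrypt_field(MASTER_KEY, "tenant-a", "phone", blob))
    print("other tenant can read it:", decrypts_under(MASTER_KEY, "tenant-b", "phone", blob))
    print("other column can read it:", decrypts_under(MASTER_KEY, "tenant-a", "email", blob))
```

The AAD binding is the part most often left out of field-level encryption: without it, an attacker with write access to the database could copy an encrypted value from one tenant's row to another, or from a low-sensitivity column to a high-sensitivity one, and the application would decrypt it happily. With it, the decrypt fails with `InvalidTag`, which is also a useful signal to alert on.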
Access Control
Zero-trust architecture
Every API request is authenticated and authorised. No implicit trust is granted based on network location. JWTs are validated on every request, with tenant isolation enforced at the data layer.
Role-based access control
Granular permission matrices covering read, write, and admin operations. Permissions are enforced at the API layer, not only in the UI. Super-admin operations require MFA re-authentication.
SSO and SCIM provisioning
SAML 2.0 and OIDC integration with your identity provider. SCIM 2.0 for automated user lifecycle management. Deprovisioned users are immediately locked out across all sessions.
Immutable audit log
All privileged actions, authentication events, and data exports are written to an append-only audit log. The log is protected by a database trigger that prevents modification by any user, including admins.
Infrastructure
Multi-datacenter with data residency
Tenant data is pinned to a specific region (EU, US, or IL) on first interaction. Cross-region transfer never occurs without explicit tenant configuration.
Penetration testing
Annual penetration test by an independent firm. Results reviewed by the security team within 30 days. Critical and high findings are remediated within 14 days of disclosure.
Vulnerability management
Dependency scanning on every CI build with Dependabot and Snyk. Container images scanned for CVEs before deployment. Critical CVEs patched within 48 hours.
Incident response
Documented incident response plan with defined severity levels, escalation paths, and customer notification timelines. Critical incidents trigger customer notification within 24 hours.
Questions about our security posture?
Our security team can provide the SOC 2 report, answer technical questions, and arrange a security review call for enterprise procurement.
Contact Security Team