VoiceFeedback
Early Access

Security & Compliance

Enterprise-grade security. Global compliance. Your data, your control.

Built on security fundamentals

End-to-End Encryption

All data encrypted in transit (TLS 1.2+) and at rest (AES-256). Voice recordings stored with client-side encryption keys. Zero-knowledge architecture for sensitive feedback.

GDPR & DPDP 2023 Compliant

Full compliance with European GDPR and India's Digital Personal Data Protection Act 2023. Data Fiduciary registration. Lawful basis for processing. Transparent consent mechanisms.

Data Residency Options

Choose where your data lives: India (Mumbai), EU (Frankfurt), or US (Virginia). Cross-border transfer controls. Regional sovereignty for sensitive industries.

Role-Based Access Control

Granular permissions by team, department, or project. Multi-factor authentication (MFA) required for admin roles. SSO integration (SAML, OAuth, Azure AD).

Audit Logs & Monitoring

Every action logged with timestamp, user, and IP. Immutable audit trails for compliance. Real-time alerts for suspicious activity. Export for compliance reviews.

Consent Management

Explicit voice recording consent with playback preview. Withdraw consent anytime. Automatic deletion workflows. RTBF (Right to be Forgotten) compliant.

Compliance & Certifications

In Progress

ISO 27001

Information security management system certification

In Progress

SOC 2 Type II

Independent audit of security, availability, and confidentiality

Compliant

GDPR

European data protection regulation

Compliant

DPDP Act 2023

India's Digital Personal Data Protection Act

Ready

HIPAA

US healthcare data protection (available on Enterprise)

Aligned

NABH/CAHO

Indian healthcare accreditation standards

Your Rights. Our Commitment.

Under GDPR and DPDP Act 2023, you have the following rights over your personal data:

  • Right to Access: Download all your data in JSON/CSV format
  • Right to Rectification: Update or correct your information
  • Right to Erasure: Request deletion of all personal data
  • Right to Portability: Export data to another service
  • Right to Object: Stop processing for specific purposes
  • Right to Restrict: Temporarily suspend data processing

Data Protection Officer: [email protected]
Response Time: Within 30 days of request
No Cost: First request free, reasonable fees for excessive requests

Infrastructure & Operations

Cloud Infrastructure

Hosted on AWS/GCP with 99.9% uptime SLA. Auto-scaling. DDoS protection. CDN for global delivery.

Data Residency

Choose India, EU, or US data centers. No cross-border transfers without consent. Regional backups.

Incident Response

24/7 security monitoring. Breach notification within 72 hours. Dedicated incident response team.

Enterprise Security Add-Ons

Need HIPAA compliance, custom data retention, or private cloud deployment? Our Enterprise plan includes advanced security features for regulated industries.

Transparency First

We believe in radical transparency. All security practices, subprocessors, and data flows are documented in our Privacy Policy. Questions? Email [email protected]