Security & Trust

Legal Engine is built for professional services firms where confidentiality, accuracy and governance are essential. We understand that law firms handle some of the most sensitive information in business, and our security posture reflects that responsibility.

We take a security-first approach across our platform, our processes and our deployments.

🔒

ISO 27001 Certified

Information Security Management System

🛡️

GDPR Compliant

Full UK and EU data protection compliance

🌍

EU/UK Hosted

Data stored in secure EU/UK data centres

🤖

AIUC-1 Certified Platform

Insurance-backed AI agent safety and reliability

Data Protection by Design

  • Data is hosted in the EU/UK by default
  • Client data is never used to train our models
  • Retention settings are fully configurable — including zero-retention closed-loop deployments
  • Agents can be deployed in our secure cloud or within a firm-controlled environment
  • All data is encrypted at rest and in transit using industry-standard protocols

How We Handle Voice Data

Voice conversations are processed with the same security standards as written data:

  • Recordings are encrypted immediately upon capture
  • Transcription and processing happen in secure, isolated environments
  • Voice data can be automatically deleted after processing if required
  • Access to voice recordings is strictly controlled and logged

Flexible Deployment Models

We support cloud, hybrid and firm-hosted deployments to meet the InfoSec requirements of each organisation. Whether you need our agents running in our secure cloud, within your own infrastructure, or in a hybrid configuration, we can accommodate your security and compliance needs.

AI Agent Safety & Insurance

Our voice agents are built on the first AI platform to achieve AIUC-1 certification — the industry's first security, safety, and reliability standard for AI agents, developed with Cisco, Microsoft, JPMorgan Chase, Stanford, and 50+ organisations.

  • Independently tested against 5,000+ adversarial scenarios covering hallucinations, prompt injection, data leakage, and unauthorised actions
  • Audited by Schellman, an accredited AIUC-1 auditor (also accredited for SOC 2 and ISO 27001)
  • Insurance-backed deployment with coverage for AI-specific incidents including incorrect outputs, data exposure, and reputational harm
  • Aligned with ISO 42001 (AI Management), NIST AI RMF, MITRE ATLAS, and EU AI Act requirements
  • Quarterly recertification ensures ongoing compliance, not just point-in-time assurance

AIUC-1 is an independent standard from the Artificial Intelligence Underwriting Company, backed by leading insurers and developed with Fortune 500 security leaders.

Compliance & Certifications

  • ISO 27001 – Information Security Management System (certified)
  • GDPR – Full compliance with UK and EU data protection regulations
  • AIUC-1 – Built on the first AIUC-1 certified AI voice platform (insurance-backed)
  • SOC 2 Type II – Roadmap in place for Q1/Q2 2026

Security Monitoring & Incident Response

Our platform is continuously monitored for security threats and anomalies. We maintain:

  • 24/7 security monitoring and alerting
  • Regular penetration testing and vulnerability assessments
  • Formal incident response procedures
  • Regular security training for all team members

Full Security Documentation

For detailed information — including policies, technical controls, DPIA guidance and certification roadmap — visit our Trust Centre:

Security questions?

For security-specific enquiries or to report a vulnerability, please contact:

security@legalengine.co.uk