Security & Trust

Last updated: May 2, 2026 - v1_050226

InteliVoice is built on enterprise-grade infrastructure. Here is exactly how we protect your data and your customers' calls.

Data Encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256)

99.9% Uptime SLA

Redundant infrastructure with automatic failover and 24/7 monitoring

Access Controls

Role-based access, API key authentication, and audit logging on all accounts

Infrastructure Security

InteliVoice is powered by Retell AI's voice infrastructure, which maintains SOC 2 Type II certification, HIPAA compliance, and GDPR alignment. All call processing, audio storage, and transcript data flows through Retell's certified data centers.

All API calls use HTTPS with TLS 1.3 encryption
Call recordings and transcripts encrypted at rest using AES-256
Data centers located in the United States
No call audio stored longer than 90 days unless requested by the customer
Automatic daily backups with point-in-time recovery

Compliance Posture

SOC 2 Type II (via Retell AI) HIPAA Aligned GDPR Compliant TCPA Compliant

InteliVoice leverages Retell AI's compliance certifications for voice infrastructure. Our platform layer is designed to meet TCPA requirements for AI-generated voice disclosures and call recording consent.

HIPAA Notice

InteliVoice is not itself a HIPAA Covered Entity or Business Associate by default. Healthcare customers who handle Protected Health Information (PHI) must sign a separate Business Associate Agreement (BAA) before using InteliVoice for patient-facing calls. Contact hello@intelivoice.io to request a BAA.

GDPR & CCPA

For customers serving EU or California residents, InteliVoice supports data subject access requests, deletion requests, and data portability exports. Contact hello@intelivoice.io with any data rights requests.

Call Data & Recording Security

All inbound calls handled by your InteliVoice AI host are processed in real time. Call audio, transcripts, and metadata are stored securely and accessible only to the account holder via the InteliVoice dashboard.

Call recordings accessible only to authenticated account holders
Transcripts stored with end-to-end encryption
No call data shared with third parties except as required for service delivery
Account holders can delete individual recordings or all data at any time
Caller phone numbers masked in public-facing displays

Recording Consent: InteliVoice automatically plays a disclosure at the start of every call notifying callers that the call is handled by an AI assistant and may be recorded. Account holders are responsible for ensuring compliance with applicable state recording consent laws.

Account Security

Passwords hashed with bcrypt (minimum 10 rounds)
API keys rotatable at any time from the dashboard
Session tokens expire after 24 hours of inactivity
All account changes logged with timestamp and IP address
Suspicious login attempts trigger automatic account lockout

Vulnerability Disclosure

If you discover a security vulnerability in InteliVoice, please report it responsibly to security@intelivoice.io. We review all reports within 5 business days and will not pursue legal action against good-faith security researchers.

Contact

For security questions or to request our full compliance documentation, contact security@intelivoice.io.