§ 06Security & Compliance
Secure by architecture.
Bank-grade security and guardrails — built into the platform, not bolted on. Local deployment, zero retention, full audit trails.
§ 01Bank-grade security and guardrails
AI guardrails
The agent is limited to official CRM information only. Full audit trail of every decision and action. Immediate human fallback in case of a documentation breach.
Data & privacy protection
AES-256 encryption of all calls and data, end-to-end. Local hosting on servers in Israel for full privacy compliance. Zero Retention — conversation content is not stored by default.
Voice biometric authentication
High-precision voice identification from a short call. Advanced anti-spoofing against recordings and voice forgery. Passive authentication — identification with no challenge questions.
§ 02Certifications
Independently verified.
PCI-DSS Level 1
The highest payment-card industry security standard.
ISO 27001
International standard for information-security management.
SOC 2 Type II
Independent audit of security, availability, and confidentiality.
Privacy-protection regulation
Compliance with applicable privacy law in deployed regions.
§ 03Principles
What “secure by architecture” means in practice.
Zero data out
On-prem deployment keeps all processing inside the customer's firewall. No data ever leaves the perimeter.
Zero retention
Conversation content is not stored by default. The customer chooses what is persisted and where.
Full auditability
Every call, every script version, every disclosure, every agent decision is logged for the compliance team.