Security & Data Privacy

Your data security is our top priority. Here's how we protect your conversations, insights, and sales data.

Enterprise-Grade Security

Bank-level encryption and SOC 2 compliance

You Own Your Data

100% data ownership, export anytime

Privacy by Design

GDPR and CCPA compliant

Data Encryption

All data is encrypted with AES-256, the same standard used by banks and government agencies.

  • At Rest: All stored data (call transcripts, coaching notes, performance metrics) is encrypted in our database
  • In Transit: All data transmission uses TLS 1.3 encryption
  • API Communication: All API calls are encrypted and authenticated

Data Ownership & Control

You own 100% of your data. Period.

We're the infrastructure - you own the insights. Your call transcripts, coaching notes, performance data, and analytics belong to you, not us.

What This Means:

  • Export Anytime: Download all your data as CSV or JSON via API
  • Delete Anytime: Request full data deletion with one click
  • No Lock-In: Cancel anytime, keep your data for 30 days
  • No Training on Your Data: We never use your conversations to train AI models

Infrastructure & Hosting

SalesAI.Coach is built on enterprise-grade infrastructure with 99.9% uptime SLA.

  • Database: Supabase (PostgreSQL) with Row Level Security (RLS)
  • Hosting: Vercel with global CDN and automatic scaling
  • AI Processing: OpenAI API (HIPAA-compliant, SOC 2 Type II)
  • Backups: Automated daily backups with 30-day retention
  • Disaster Recovery: Multi-region redundancy and point-in-time recovery

Enterprise Customers: Dedicated instances, custom data residency (US, Canada, EU), and on-premise deployment available (2025 roadmap).

Compliance & Certifications

✓ SOC 2 Type II Compliant

Annual third-party audits of our security controls

✓ GDPR Compliant

EU data protection and privacy regulations

✓ CCPA Compliant

California Consumer Privacy Act compliance

✓ PIPEDA Compliant

Canadian privacy law compliance

Access Control & Privacy

We implement strict access controls to ensure only authorized users can view your data.

  • Row Level Security (RLS): Database enforces user permissions - no one sees data they shouldn't
  • Role-Based Access: Admin, Manager, and Rep roles with granular permissions
  • SSO Integration: Single Sign-On with Google, Microsoft (Enterprise only)
  • 2FA Available: Two-factor authentication for all accounts
  • Audit Logs: Track who accessed what data and when (Enterprise only)

What We DON'T Do

No data selling: We never sell your data to third parties

No AI training: Your conversations are never used to train our models

No cross-customer access: Your data is isolated from other customers

No marketing emails from your call data: You only receive product updates you opt into

Have Security Questions?

We're happy to answer any security or compliance questions.

Enterprise customers: Request our full security documentation and DPA (Data Processing Agreement).