Trust Center

VoiceAxis AI is positioned as an operating layer for real phone calls. This page describes the controls that make that believable: human review, audit trails, data protection, and deployment-specific governance.

Privacy Policy →Subprocessors →

Production control model

  • Human approval queue before ERP, CRM, EHR, spreadsheet, or WhatsApp push.
  • Call transcript, structured capture, confidence context, status, and owner for each reviewed outcome.
  • Escalation rules for emergency, high-risk, low-confidence, or out-of-policy calls.
  • Deployment-specific retention, routing, language, and business-hours configuration.

Security controls

  • Encryption in transit using HTTPS/TLS for web and API surfaces.
  • Cloud-provider encryption at rest for supported storage and database services.
  • Role-based admin access, least-privilege internal access, and operational audit logs.
  • Separation of customer workflows, catalogues, call logs, and integration credentials by deployment.
  • Vendor review before production use of telephony, AI, speech, messaging, hosting, and analytics providers.

Privacy and DPDP readiness

VoiceAxis AI is designed for India-first business workflows. Production deployments should define the data fiduciary/processor relationship, notice language, purposes, retention, consent or legitimate-use basis, grievance path, and breach notification responsibilities before go-live.

The public website uses privacy-conscious analytics and should disclose analytics, demo intake, and subprocessor categories in the privacy policy.

Healthcare and regulated workflows

Healthcare, financial-services, collection, and support workflows require extra review because calls can contain sensitive personal data, payment context, financial data, or health information.

HIPAA, BAA, PCI DSS, SOC 2, ISO 27001, and sector-specific requirements are handled as scoped contractual controls. The website should not be read as a certificate, audit report, or blanket compliance claim.

AI governance

  • Recorded voice previews on the website are static files; the website does not run live ElevenLabs, Sarvam, or browser TTS calls.
  • Customer call data is not used to train third-party foundation models unless agreed in writing.
  • High-risk decisions should be routed to human teams. VoiceAxis AI captures and assists; customers remain responsible for final operational decisions.
  • Prompt, script, and catalog changes should be versioned and reviewed before production rollout.

Incident response

Production deployments should include a named incident contact, severity levels, customer notification windows, log preservation, containment steps, and post-incident review. Security reports can be sent to the security contact below.

Security contact

Report suspected vulnerabilities or security incidents to security@vaanios.com.