Security

How we protect your data

Our Commitment

Security is fundamental to everything we do at Prosody AI. We understand that you're trusting us with sensitive voice data, and we take that responsibility seriously.

Infrastructure Security

Encryption in Transit

All data transmitted to and from our APIs is encrypted using TLS 1.3

Encryption at Rest

All stored data is encrypted using AES-256 encryption

Network Security

Private VPC, WAF protection, and DDoS mitigation

Access Controls

Role-based access, MFA required, audit logging

Compliance

SOC 2 Type II
Certified
GDPR
Compliant
HIPAA
Ready (BAA available)
CCPA
Compliant

Data Handling

  • Session retention — Call audio, transcripts, and tone timelines are retained so you can review sessions after the fact
  • Tenant isolation — Each organization's data is logically isolated; no cross-tenant access
  • Configurable retention — Set how long session data is kept for your organization
  • Deletion on request — Request deletion of your organization's data at any time

Vulnerability Disclosure

We maintain a responsible disclosure program. If you discover a security vulnerability, please report it to security@prosodyai.app

We commit to acknowledging reports within 24 hours and providing regular updates on remediation progress.

Contact

For security inquiries or to request our SOC 2 report, contact security@prosodyai.app