LEGAL
Security & SOC 2
This page describes VoxRange's security posture and ongoing compliance work. Detailed technical documentation is available under NDA — request via security@voxrange.com.
Our approach
VoxRange is built for the regulated industries we serve — banking, healthcare, BPO, real estate. Security and compliance are not retroactive. Every product line, every deployment tier, and every data flow is designed with auditability and data sovereignty in mind.
SOC 2
VoxRange is pursuing SOC 2 Type II certification across the five trust-service criteria: security, availability, processing integrity, confidentiality, and privacy. Certification documentation will be available under NDA upon completion.
Encryption
- In transit: TLS 1.3 for all customer-facing endpoints. Encrypted SIP signalling for telephony.
- At rest: AES-256 for stored transcripts, recordings, and customer data.
Access control
Role-based access control with least-privilege defaults. Customer admins control who sees transcripts, recordings, and analytics within their own organisation.
Deployment options for data residency
Our three deployment tiers let you choose where customer voice data lives:
- Cloud: multi-tenant SaaS with encryption in transit + at rest.
- Private cloud: dedicated VPC + database in your chosen region.
- On-premise: licensed, encrypted components running in your own data centre — full data sovereignty.
Incident response
We maintain a documented incident-response plan, including notification timelines for affected customers. Status page and post-mortems published for all material incidents.
Contact
Security questions: security@voxrange.com