Security is built into every layer of CallWaiting - not bolted on after the fact. Here is what we do to keep your business and your callers safe.
Compliance note: SMS follow-ups are only enabled where caller consent or another valid opt-in is captured.
Compliance Standards
How We Protect You
All call recordings, transcripts, and customer data are encrypted with AES-256 at rest. All data in transit uses TLS 1.3. No data is ever stored unencrypted.
CallWaiting runs on independently audited, SOC 2 security-conscious infrastructure practices. Security controls are reviewed as the platform matures.
Our architecture is designed to support privacy requirements. Healthcare and dental customers can request a Business Associate Agreement (compliance review) at no additional cost.
Role-based permissions limit what team members can access. All logins are logged and auditable. Admin controls let you restrict exports, recordings, and sensitive data.
Every call handled by CallWaiting includes a mandatory AI disclosure at the start. Callers are informed they are speaking with an AI before any information is exchanged - designed to support clear AI disclosure practices.
You control your data. Request a full account data export or deletion at any time. Deletion requests are processed within 30 days. We do not sell or share your data with third parties.
compliance review requests, compliance documentation, and security questionnaires answered within one business day.
Contact Our Team