Your customers trust you with their information. You trust us with yours. Here is exactly how we protect it.
All customer data is encrypted in transit via TLS 1.2+ and at rest with AES-256. Call recordings, transcripts, and chat logs are never stored in plaintext.
Our infrastructure is built on redundant cloud services with automatic failover. We target 99.9% uptime and publish monthly availability reports.
We build on SOC 2 Type II compliant enterprise cloud infrastructure. Security controls are independently audited annually.
You own your data. We honor data-access and deletion requests within 30 days. Never sold, never used to train other businesses' AI.
Customer data is isolated per-tenant. Employees access data only when needed for support — and every access is logged.
Every service is monitored 24/7 with automated incident response. Security and performance anomalies trigger paging within 60 seconds.
Clear, specific commitments — not vague marketing language.
You own your data
All customer records, transcripts, and recordings belong to you. Export or delete any time.
Never sold. Never shared.
We do not sell customer data or share it with third parties for marketing.
Never used to train other AI
Your call and chat data is never used to train AI for other businesses.
Tenant-isolated storage
Each customer's data lives in its own logical partition with row-level security policies.
30-day deletion on request
Submit a deletion request and all identifiable data is removed within 30 days.
Minimal-access logging
Any employee access to customer data is logged and auditable.
The infrastructure categories that power Rev-Nova.AI — all vetted and compliance-reviewed.
Payments & billing
PCI-DSS Level 1 certified. We never store or see your card data — it is handled end-to-end by Stripe.
Calendar + analytics
OAuth-scoped calendar integration that only accesses events the AI creates. Anonymized analytics is used for traffic metrics.
Real-time voice infrastructure
Powers the real-time voice layer for our AI phone receptionist. Underlying providers are SOC 2 compliant and call audio is encrypted in transit and at rest.
Website chatbot infrastructure
Powers the embeddable chat widget. Conversations are encrypted and scoped to your tenant only.
Database & auth
Hosts customer records, appointment data, and user auth on SOC 2 Type II compliant infrastructure with row-level security policies per tenant.
Transactional email
Sends notifications, confirmations, and support emails. DKIM + SPF signed; no marketing email sharing.
Text messaging infrastructure
Powers two-way SMS for receptionist replies, appointment reminders, and confirmations.
Security questionnaires, DPA requests, and technical reviews — our team answers within 2 business days.