Trust & Security

Revois protects your customers' data with enterprise-grade security standards and international compliance certifications.

Compliance Certifications

Full compliance with international security standards

SOC 2
Type II
GDPR
Compliant
KVKK
Compliant
HIPAA
Compliant

SOC 2 (Type II)

Our compliance with security, availability, processing integrity, confidentiality, and privacy principles has been verified by independent auditors.

GDPR (Compliant)

We fully comply with the European Union General Data Protection Regulation standards for processing, storing, and protecting personal data.

KVKK (Compliant)

All our data processing activities are conducted in accordance with Turkish Personal Data Protection Law No. 6698.

HIPAA (Compliant)

We offer HIPAA-compliant configuration options for healthcare sector customers. Business Associate Agreement (BAA) available upon request.

Third Party Providers

We partner with industry-leading providers who share our commitment to security

Provider
Service
Compliance
AWS
Infrastructure
SOC2, GDPR
Supabase
Database
SOC2, GDPR, HIPAA
Cloudflare
CDN & Security
SOC2, GDPR
Twilio
Telephony
SOC2, HIPAA
Deepgram
Speech-to-Text
SOC2, HIPAA
Google
AI (Gemini)
SOC2, HIPAA
ElevenLabs
Text-to-Speech
SOC2, GDPR
Stripe
Payments
PCI DSS

Data Security

Enterprise-grade security measures

End-to-End Encryption

All data is protected with TLS 1.3 during transit and AES-256 encryption at rest. Voice data, transcripts, and customer information are encrypted at every stage.

Infrastructure Security

Protected by Cloudflare's global network with enterprise-grade security.

  • Global CDN with edge locations worldwide
  • DDoS protection and Web Application Firewall (WAF)
  • Automatic SSL/TLS encryption
  • GDPR and Privacy Shield compliant
  • 24/7 security monitoring and threat detection

Access Control

  • Role-based access control (RBAC)
  • Two-factor authentication (2FA)
  • Single sign-on (SSO) support (Enterprise)
  • Granular permission management for API keys
  • Complete audit log for all access

Audit and Monitoring

  • Detailed logging of all system activities
  • Anomaly detection and automatic alerts
  • Quarterly security reviews
  • Annual independent security audits

AI and Data Privacy

Data security is our priority in AI-powered services

Your Data Is Not Used for Model Training

Customer data, inputs, or outputs are never used to train AI models. Your data is only processed to serve you.

Zero Data Retention Policy

We have contractual zero data retention agreements with our third-party AI providers (Deepgram, Google Gemini, ElevenLabs). Call data is not stored by these providers after processing.

Inference-Only Architecture

Our AI models operate in "inference" mode only. This means models cannot learn from or retain information from conversations. Each call occurs in an isolated session.

Questions About Security?

Our security team is ready to answer your questions.