Talkwisely logo
Home
Pricing
Talkwisely

The intelligent phone system for modern teams. AI-powered call analytics, coaching, and insights.

Company

  • About Us
  • Careers
  • Contact Us

Platform

  • Features
  • Cloud PBX
  • Platform Capabilities
  • CRM
  • Integrations
  • Pricing

Solutions

  • Contact Centre
  • Sales Teams
  • Customer Support
  • Unified Comms

Legal

  • Terms of Use
  • Privacy Policy
  • Cookie Policy
  • Data Processing Agreement
  • Sub-processors
  • Security & Trust

Industries

  • Real Estate
  • Healthcare
  • Financial Services
  • Recruitment
  • E-commerce
  • Education
  • Logistics

Services

  • CRM Development

© 2026 Talkwisely. All rights reserved.

Security & Trust Center

Enterprise-grade security, built in from day one

Talkwisely is built on Amazon Web Services with encryption at rest and in transit, role-based access control, region-locked data storage, and contractual guarantees that your data is never used to train AI models.

Request DPAView Sub-processors

AES-256

Encryption at Rest

TLS 1.2+

Encryption in Transit

72 hrs

Breach Notification SLA

ISO 27001

Certification Roadmap

Technical & Organisational Controls

Every one of these measures is live today — not aspirational.

Encryption at Rest

All personal data stored on our servers is encrypted using AES-256. This includes call recordings, transcripts, account data, and AI-generated outputs.

Encryption in Transit

All data between your device and our infrastructure is encrypted using TLS 1.2 or higher. There are no unencrypted channels.

Role-Based Access Control

Access to personal data is restricted by role. Only authorised personnel with a documented business need may access specific data sets.

Multi-Factor Authentication

MFA is mandatory for all Talkwisely staff who access systems containing customer data. No single-factor access to production systems.

Audit Logging

Every access to customer data is logged with a timestamped audit trail. Logs are retained and available for security reviews.

Intrusion Detection

We run continuous intrusion detection systems across our AWS infrastructure to identify and respond to anomalous activity in real time.

DDoS Mitigation

Network-level DDoS protection is active across all public endpoints, with automatic traffic scrubbing to maintain service availability.

Penetration Testing

We conduct regular penetration testing of the Talkwisely platform, both scheduled and ad-hoc, performed by independent security researchers.

Vulnerability Scanning

Continuous static and dynamic analysis (SAST/DAST) is run across our codebase and infrastructure. Security patches are applied promptly.

Staff Background Checks

Background checks are conducted for all employees and contractors who have access to systems containing customer data, prior to access being granted.

Data Residency — Your Data Stays Where You Say

Talkwisely runs on AWS. Region-locked storage is available on all plans — no upsell required. EU data never leaves the EU. Indian data never leaves India.

EU/EEA data stored in EU AWS regions only
India data stored in ap-south-1 (Mumbai) only
Standard Contractual Clauses (SCCs) in place for EU transfers
Region-locked storage on all plans, no extra cost
Custom region available on request
🇪🇺

European Union / EEA

eu-west (Ireland / Frankfurt)

EU/EEA customer data is stored in EU AWS regions and never transferred outside the EU/EEA. Standard Contractual Clauses (SCCs) govern any onward transfers required for AI API calls.

🇮🇳

India

ap-south-1 (Mumbai)

Indian customer data is stored in AWS India regions and not transferred outside India. Processing complies with India's DPDP Act 2023 and IT Act 2000.

🇬🇧

United Kingdom

eu-west-2 (London)

UK customer data is stored in AWS UK regions. Processing complies with UK GDPR.

🌐

Global

Customer-designated

All other customers may designate their preferred AWS region at account creation. We support regions across North America, Asia-Pacific, Europe, and the Middle East.

AI Security — Your Data Is Never Used for Training

Talkwisely uses third-party AI APIs to power analytics features. Every provider is bound by a DPA that contractually prohibits using customer data to train, fine-tune, or improve AI models. This guarantee is written into our customer DPA.

Customer data never used to train any AI model
All AI providers bound by DPAs with training disabled
No raw audio is retained by AI providers post-processing
Customers can opt out of AI features per user or per call
Contractual guarantee included in customer DPA

AI Providers & Guarantees

Anthropic (Claude)

Call summaries, conversational analytics, agent coaching

Commercial API DPA — no training on customer data

Google (Gemini API)

Analytics and natural language processing

Google Cloud DPA — model improvement disabled by default

OpenAI

Analytics features

API Data Processing Addendum — training disabled by default

xAI (Grok)

Analytics features

Enterprise DPA — no training on customer data

Deepgram

Speech-to-text transcription

DPA — no model training on customer audio

AssemblyAI

Speech-to-text and audio intelligence

DPA — no model training on customer audio

Certifications & Compliance Roadmap

We are transparent about where we are today and where we are headed. ISO 27001:2022 is our active target for 2026.

ISO 27001:2022

In Progress

Our primary compliance target. We are actively building our ISMS to achieve ISO 27001:2022 certification.

Target: 2026

SOC 2 Type I

Planned

Planned as part of our compliance programme, following ISO 27001:2022 certification.

SOC 2 Type II

Planned

Planned after SOC 2 Type I is achieved. Demonstrates sustained operational security controls.

HIPAA

Planned

Planned for customers in healthcare and healthcare-adjacent industries. BAA available on request.

PCI DSS

Achieved

Payment card data is handled exclusively by Stripe (PCI DSS Level 1) and Razorpay (PCI DSS compliant). Talkwisely does not store full card numbers.

GDPR DPA

In Progress

Our standard Data Processing Agreement (DPA) is currently available on request. A self-service version is in progress.

Need a DPA or security documentation?

Enterprise teams can request our Data Processing Agreement, SCC documentation, or a security briefing. We respond within one business day.

Request DPA