A person having a video conference through the Dialpad app

Protect your
at every step

Dialpad protects your business and customer communications with enterprise-grade security that’s built right in.

Our compliance certifications & memberships

Enterprise-level encryption

Calls over the VoIP network and in-transit web requests are encrypted using TLS. At rest, application data is permanently stored using AES 256-bit on the Google Cloud Platform.

Role-based access

Control access to certain features at the company, office, department, or user level. Granular permission levels can also be assigned for integrations across the platform.

Single sign-on

Dialpad offers integrations for access management via SAML and SCIM from providers like Okta, Azure, Google Workspace, OneLogin, and more.

Industry compliance
across the board

SOC2® Type II

Dialpad is SOC2® Type II compliant. We’ve performed a third-party audit to certify that we’ve implemented controls that operate effectively to meet the objectives of the AICPA Trust Services Principles.



ISO standards

A person calling someone on this mobile phone
A person attending to a call

Securely enable your
hybrid workforce

Sign a Data Processing Agreement (DPA) with one click to ensure that your business is set up to address data privacy requirements across Europe, the US, or wherever work finds you. Plus, every call with Dialpad uses WebRTC technology and Secure Real-Time Transport Protocol for encryption and authentication—making us more secure than traditional phone networks.

Three people in a video conference

Record and transcribe
calls with built-in
privacy features

Dialpad allows admins to configure call recording settings to comply with applicable laws—including the ability to play automated prompts to alert callers. Plus, in-call indicators make it clear whenever you’re recording. Granular controls can also pause recordings automatically whenever sensitive data is detected on screen.

A computer showing the UI of the Dialpad messaging app

Customise data retention
and management

Dialpad offers analytics and export capabilities for sensitive data that can be managed by your admins. After all, your data belongs to you. We’ll retain data until you choose to delete it. Enterprise customers can set their own retention policies to remove, archive, or anonymise data on a custom time interval. Data subject requests are available in our help centre.


We’ve got you covered

Can Dialpad help us meet PCI compliance requirements?

Dialpad offers two options to customers in order to help them maintain their PCI Compliance.

Option 1: Agents have the capability to pause their recordings in order to take payment data over a call.
Option 2:
Dialpad offers an API to programmatically stop/restart recordings for users based on actions taken in payment systems.

Are Dialpad’s integrations secure?

Does Dialpad protect against spam calls?

How does Dialpad protect against web application attacks?

Does Dialpad have an incident management process?

Does Dialpad have a policy on government data demands?

Where and how is my data stored?

More ways Dialpad
helps you stay compliant


Dialpad's data security policies

We've implemented transparent privacy measures so your conversations stay secure at every step.


A legal compliance guide for non-lawyers

A simple guide showing you how to use Dialpad’s artificial intelligence to boost your business while staying secure and compliant.


5 compliance features your contact centre needs

Learn more about automatic notifications, automatic pausing, manual pausing, exception list, and retention policies.


Try Dialpad free
for 14 days

Bring your business onto Dialpad’s enterprise-grade platform so your teams can talk, message, and meet all in one place.