SECURITY, PRIVACY, & COMPLIANCE
Protect your conversations at every step
Dialpad protects your business and customer communications with enterprise-grade security that’s built right in.
Our compliance certifications & memberships
Enterprise-level encryption
Calls over the VoIP network and in-transit web requests are encrypted using TLS. At rest, application data is permanently stored using AES 256-bit on the Google Cloud Platform.
Role-based access
Control access to certain features at the company, office, department, or user level. Granular permission levels can also be assigned for integrations across the platform.
Single sign-on
Dialpad offers integrations for access management via SAML and SCIM from providers like Okta, Azure, Google Workspace, OneLogin, and more.
Industry compliance across the board
SOC2® Type II
Dialpad is SOC2® Type II compliant. We’ve performed a third-party audit to certify that we’ve implemented controls that operate effectively to meet the objectives of the AICPA Trust Services Principles.
HIPAA
GDPR
CSA
ISO standards
Securely enable your hybrid workforce
Sign a Data Processing Agreement (DPA) with one click to ensure that your business is set up to address data privacy requirements across Europe, the US, or wherever work finds you. Plus, every call with Dialpad uses WebRTC technology and Secure Real-Time Transport Protocol for encryption and authentication—making us more secure than traditional phone networks.
Record and transcribe calls with built-in privacy features
Dialpad allows admins to configure call recording settings to comply with applicable laws—including the ability to play automated prompts to alert callers. Plus, in-call indicators make it clear whenever you’re recording. Granular controls can also pause recordings automatically whenever sensitive data is detected on screen.
Customize data retention and management
Dialpad offers analytics and export capabilities for sensitive data that can be managed by your admins. After all, your data belongs to you. We’ll retain data until you choose to delete it. Enterprise customers can set their own retention policies to remove, archive, or anonymize data on a custom time interval. Data subject access requests are available in our help center.
Can Dialpad help us meet PCI compliance requirements?
Dialpad offers two options to customers in order to help them maintain their PCI Compliance.
Option 1: Agents have the capability to pause their recordings in order to take payment data over a call.
Option 2: Dialpad offers an API to programmatically stop/restart recordings for users based on actions taken in payment systems.
Are Dialpad’s integrations secure?
Does Dialpad protect against spam calls?
How does Dialpad protect against web application attacks?
Does Dialpad have an incident management process?
Does Dialpad have a policy on government data demands?
Where and how is my data stored?
More ways Dialpad
helps you stay compliant
BLOG
Is Dialpad HIPAA-compliant?
Yes. Buuut there are some measures you need to take to make sure it’s set up correctly for use by healthcare providers.
EBOOK
A legal compliance guide for non-lawyers
A simple guide showing you how to use Dialpad’s artificial intelligence to boost your business while staying secure and compliant.
BLOG
5 compliance features your contact center needs
Learn more about automatic notifications, automatic pausing, manual pausing, exception list, and retention policies.
GET STARTED
Try Dialpad free
for 14 days
Bring your business onto Dialpad’s enterprise-grade platform so your teams can talk, message, and meet all in one place.