Fazpi AI beta
ES EN
Talk to Fazpi

Security

Last updated: May 23, 2026

Security is foundational to Fazpi AI. We handle sensitive communications (voice, messaging, payments) and take our responsibility to protect that data seriously. This page outlines our security practices.

Encryption

  • In transit: all data is encrypted using TLS 1.2 or higher. API connections require TLS; plaintext HTTP is rejected.
  • At rest: data stored in our databases and object storage is encrypted with AES-256.
  • Voice calls: telephony connections use SRTP encryption.

Infrastructure

  • Hosted on SOC 2 Type II and ISO 27001 certified cloud infrastructure.
  • Network segmentation and firewall rules limit lateral movement.
  • All infrastructure is managed as code with version-controlled deployments.
  • Regular vulnerability scanning and dependency auditing.

Access control

  • Least-privilege access for all team members.
  • Multi-factor authentication (MFA) required for all internal systems.
  • Access to production systems is logged and reviewed.
  • Customer data access is restricted to personnel who need it to provide support, with audit trails.

Application security

  • Input validation and output encoding to prevent injection attacks.
  • Rate limiting and abuse prevention on all endpoints.
  • Regular code reviews with security-focused checks.
  • Dependency monitoring for known vulnerabilities.

Compliance

  • TCPA: built-in consent management for automated calls and messages.
  • HIPAA-ready: for Enterprise customers handling protected health information (PHI), we offer a Business Associate Agreement (BAA) and enforce additional safeguards.
  • CCPA/CPRA: we honor data subject rights and do not sell personal information.
  • GDPR: standard contractual clauses for international data transfers; data processing agreements available on request.

Incident response

We maintain an incident response plan that includes detection, containment, investigation, and notification. In the event of a confirmed data breach, we notify affected customers within 72 hours and relevant authorities as required by applicable law.

Responsible disclosure

If you discover a security vulnerability, please report it to [email protected]. We appreciate responsible disclosure and will work with you to address the issue promptly. We do not pursue legal action against researchers who act in good faith.

Questions

Clever AI Labs LLC (d/b/a Fazpi AI)
30 N Gould St Ste R
Sheridan, WY 82801, USA

Security questions: [email protected]