Compliance
SOC 2 Type II audit in progress. GDPR and CCPA aligned. TCPA-aware messaging guardrails built into the platform.
Encryption
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Secrets are stored in a managed KMS.
Data ownership
You own all of your customer conversation data. We never train our base models on it. You can export or delete at any time.
Access controls
Role-based access for your team. SSO available on Enterprise. Least-privilege internal access with audit logging.
Sub-processors
We use a short list of vetted sub-processors for hosting, telephony, and CRM connectivity. Full list at security@quoram-ai.com.
Reporting issues
Found something? Email security@quoram-ai.com. We participate in responsible disclosure and run a bug bounty for verified researchers.