PolyAI meets international standards for data security and privacy. Our voice agents comply with governmental and industry frameworks. Below is an overview of the certifications and standards we adhere to and how they support our clients’ compliance programs.
Certifications and standards
ISO27001
We are certified for ISO/IEC 27001, the international standard for information security management systems (ISMS).
- Learn more about ISO27001.
SOC 2 Type II
PolyAI has achieved SOC 2 Type II compliance, covering data security, availability, processing integrity, confidentiality, and privacy.
- Learn more about SOC 2.
HIPAA
Where relevant, our systems are designed to meet HIPAA (Health Insurance Portability and Accountability Act) requirements. Protected health information (PHI) is handled securely.
PCI-DSS
Where relevant, PolyAI is committed to complying with the PCI-DSS (Payment Card Industry Data Security Standard) for payment card data.
- Learn more about PCI-DSS.
Cyber Essentials & Cyber Essentials Plus
We are certified under the UK NCSC (National Cyber Security Centre) Cyber Essentials and Cyber Essentials Plus frameworks, which protect against a wide variety of cyber threats.
- Learn more about Cyber Essentials.
GDPR
PolyAI complies with the General Data Protection Regulation (GDPR) to protect personal data and the privacy of individuals in the European Union. This includes:
- Transparent data processing practices.
- Secure handling of personal and sensitive information.
- Measures to prevent data breaches.
- Providing individuals with control over their personal data, including access and deletion requests.
- Learn more about GDPR.

