Letsdial

Trust & Security

Your customers’ calls, locked down by default.

Every call, message, and recording is encrypted in transit and at rest, run on isolated tenant infrastructure, and audited against the frameworks your buyer asks about, without a paid “security tier”.

Edge / WAF
DDoS + bot filtering
TLS 1.3 + SRTP
Encrypted in transit
Encryption at rest
Per-tenant key envelope
RBAC + audit log
Least-privilege access

Frameworks & certifications

Audited against the standards your buyer asks about.

SOC 2 Type II
HIPAA
GDPR
PCI DSS
ISO 27001
CCPA

Defense in depth

Three independent layers, failure of one does not compromise the next.

  1. Layer 01

    Network

    A managed perimeter with WAF, rate limiting, and bot detection. SIP and WebRTC traffic terminate behind anti-DDoS with anomaly-based blocklisting.

  2. Layer 02

    Application

    Hardened service mesh with mTLS between every internal hop. Mandatory peer review, static analysis, and dependency scanning on every change. Regular third-party penetration tests.

  3. Layer 03

    Data

    Strong encryption at rest with per-tenant envelope keys and regular key rotation. Tenant data is logically isolated, no shared schemas, no cross-tenant joins.

Access & monitoring

Identity and audit trails your IT team will actually approve.

Identity
  • SSO via SAML 2.0 (Okta, Azure AD, Google Workspace)
  • SCIM 2.0 user + group provisioning
  • Mandatory MFA, TOTP, WebAuthn, hardware keys
  • Role-based access with custom permission scopes
Monitoring & audit
  • Tamper-evident audit log streamed to your SIEM
  • Anomalous-login detection + session revocation
  • Per-call access trail for recordings + transcripts
  • Real-time alerts for permission + role changes

Infrastructure

Built for resilience, isolated per tenant, instrumented end-to-end.

Multi-region cloud

Deployments span multiple regions with automated failover so a single-zone outage doesn't take a customer down.

Tenant isolation

Logical isolation at the storage and queue layer, no shared schemas, no cross-tenant joins, no noisy neighbours.

Locked-down production

Engineer access requires hardware-key MFA and full session recording. Nobody, including us, touches your data without an audit trail.

Transparency

Sub-processors, disclosure, residency, published, not buried.

Sub-processor list

Live registry of every service that touches customer data, with the data class involved.

View list

Responsible disclosure

Found something? Email info@letsdial.com, PGP key on file, prompt acknowledgment.

info@letsdial.com

Data residency

Pin tenant data to US, EU, or UK, picked at provisioning, enforced at the storage layer.

Talk to sales

FAQ

Questions buyers ask in the first call

Yes, every paid plan includes a BAA on request. Healthcare-classified workspaces additionally pin data to HIPAA-eligible infrastructure and disable any retention paths that would store PHI outside the BAA boundary.

Security

The security review your buyer is about to send.

SOC 2, HIPAA, GDPR, sub-processor list, and a real human at info@letsdial.com.

Signed BAA · EU residency · SSO + SCIM included