1. Introduction
AIFrontDesk is committed to maintaining the highest standards of security, confidentiality, and privacy. Our SOC 2 compliance demonstrates that we follow strict controls and procedures to protect the data of our users and clients.
2. Scope
This SOC 2 policy applies to all AIFrontDesk systems, services, and personnel that handle or process customer data, including:
- AI chatbot interactions
- AI call agent interactions
- Technical and operational systems supporting these services
3. SOC 2 Trust Service Criteria
We adhere to the following SOC 2 Trust Service Criteria:
- Security: Protecting data and systems against unauthorized access, both physical and logical.
- Availability: Ensuring systems are operational and accessible as agreed.
- Processing Integrity: Ensuring systems process data accurately, completely, and in a timely manner.
- Confidentiality: Ensuring sensitive information is protected from unauthorized disclosure.
- Privacy: Ensuring personal information is collected, used, retained, and disclosed according to privacy policies and legal requirements.
4. Security Controls
- Access Controls: Role-based access, least privilege principle, multi-factor authentication.
- Encryption: AES-256 for data at rest and TLS 1.3 for data in transit.
- Monitoring: 24/7 monitoring of systems for unauthorized access or anomalies.
- Incident Response: Documented procedures to detect, respond to, and remediate security incidents.
- Vendor Management: Third-party service providers (Botpress, Retel AI) are SOC 2 compliant or demonstrate equivalent controls.
5. Data Privacy and Confidentiality
- AIFrontDesk does not store chat or call data; all interactions are handled through trusted third-party providers.
- Confidential data is accessible only to authorized personnel under strict policies.
- Data sharing is limited to necessary third parties under contractual confidentiality agreements.
6. Availability and Business Continuity
- Systems are monitored to minimize downtime and ensure service availability.
- Backup procedures and disaster recovery plans are in place to ensure continuity of service.
7. Processing Integrity
All systems are designed to accurately process information. Automated and manual controls ensure that data is complete, valid, and authorized.
8. Compliance and Audits
- AIFrontDesk undergoes regular internal audits to assess SOC 2 controls and compliance.
- External SOC 2 audits are conducted by certified independent auditors.
- Audit results are used to improve security and operational processes continually.
9. Changes to This SOC 2 Policy
AIFrontDesk may update this policy as necessary to reflect changes in operational practices, security measures, or regulatory requirements. Updates will be posted with a revised “Last Updated” date.
10. Contact
For questions regarding our SOC 2 compliance policy:
Email: contact@aifrontdesk.co
Address: 10 Anson Road, #28-01 International Plaza, Singapore 079903