Security & Data Handling
Data we process
When a caller contacts a shop using AutoShop Voice AI, we process the following categories of data on behalf of the shop:
- Caller phone number (caller ID)
- Caller name (when provided during the call)
- Vehicle information (year, make, model, VIN when shared)
- Service request details (symptoms, concerns, urgency)
- Appointment preferences (date, time, service type)
- Audio recordings of the call (when recording is enabled)
- AI-generated call summaries, transcripts, and task entries
Data ownership and shop control
Each shop owns the data generated by its calls. Shops control whether call recording is enabled, can delete individual call records through the dashboard, and may request a full data export. When a shop cancels its account, active service data is deleted within 30 days unless a different written agreement applies. Encrypted backups expire through normal backup rotation within 90 days.
Encryption
Data is encrypted in transit using TLS 1.2+. Database connections use TLS with certificate validation. Call recordings are encrypted at rest. API credentials, DMS integration secrets, and authentication tokens are stored using AES-256 encryption or industry-standard hashing.
Access controls
Shop owners and designated team members access call data through role-based dashboard accounts (owner and admin roles). Production cloud and infrastructure console access is limited to authorized personnel and protected by provider-level access controls.
Dashboard accounts authenticate with email and password over HTTPS using secure session cookies. Email verification is required for new accounts. Shop owners and admins may enable TOTP-based multi-factor authentication (compatible with standard authenticator apps) from account settings. When MFA is enabled, a second factor is required at sign-in. Admin accounts may be required to enroll in MFA as part of your organization's onboarding.
Sensitive settings — including phone-line deletion, DMS integration changes, billing plan changes, full data export, and account deletion — require an owner or admin role, per-user rate limiting, and step-up re-authentication (confirming your password or MFA code again within the last 15 minutes before the action).
Many sensitive operations are recorded in an internal audit log, including sign-in events, account deletion, recording playback, call history access, phone-line and integration changes, DPA acceptance, and administrative actions. Shop data exports are owner-gated and recorded in the audit log.
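As an added illustration (not code from AutoShop Voice AI), this is how the step-up gate described above can be enforced in one place: an owner or admin role, a per-user rate limit, a re-authentication no older than 15 minutes, and an audit-log entry for every decision. The function and field names, the rate-limit threshold and the in-memory stores are assumptions for the example.

```python
# Added example, not the platform's own code: step-up re-authentication gate for
# sensitive settings, with per-user rate limiting and audit logging of each decision.
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

STEP_UP_WINDOW = timedelta(minutes=15)      # policy: re-auth within the last 15 minutes
PRIVILEGED_ROLES = {"owner", "admin"}       # roles allowed to change sensitive settings
SENSITIVE_ACTIONS = {"phone_line_delete", "dms_integration_change",
                     "billing_plan_change", "data_export", "account_delete"}
RATE_LIMIT = 5                              # assumed threshold: attempts per user per window
RATE_WINDOW = timedelta(minutes=15)         # assumed sliding window for the rate limit


@dataclass
class Session:
    user_id: str
    role: str
    last_reauth_at: Optional[datetime]      # set when password or TOTP code is re-confirmed


@dataclass
class AuditLog:
    entries: List[dict] = field(default_factory=list)

    def record(self, user_id: str, action: str, outcome: str, at: datetime) -> None:
        self.entries.append({"user": user_id, "action": action,
                             "outcome": outcome, "at": at.isoformat()})


def authorize_sensitive_action(session: Session, action: str, now: datetime,
                               audit: AuditLog,
                               attempts: Dict[str, List[datetime]]) -> Tuple[bool, str]:
    """Return (allowed, reason). Every decision, allowed or denied, is audit-logged."""
    if action not in SENSITIVE_ACTIONS:
        raise ValueError(f"not a sensitive action: {action}")
    # Sliding-window rate limit: denied attempts count too, so probing is throttled.
    recent = [t for t in attempts.get(session.user_id, []) if now - t < RATE_WINDOW]
    recent.append(now)
    attempts[session.user_id] = recent
    if len(recent) > RATE_LIMIT:
        outcome = "denied:rate_limited"
    elif session.role not in PRIVILEGED_ROLES:
        outcome = "denied:role"
    elif (session.last_reauth_at is None
          or not timedelta(0) <= now - session.last_reauth_at <= STEP_UP_WINDOW):
        outcome = "denied:step_up_required"  # stale, missing or future re-auth timestamp
    else:
        outcome = "allowed"
    audit.record(session.user_id, action, outcome, now)
    return outcome == "allowed", outcome
```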
Repair status and service-history responses require shop-configured verification before any customer, vehicle, repair, invoice, or appointment detail is disclosed through the voice workflow.
Call recording disclosure
When call recording is enabled for a shop, callers hear a disclosure at the start of the call. Recording can be disabled per shop, and shops can configure disclosure language for their operating state. If a caller declines recording, the shop can disable recording for that workflow or route the caller to a human fallback. Shops may delete individual recordings from the dashboard.
Data retention
Active shop data is retained for the life of the account. When a shop cancels, active service data is deleted within 30 days unless a different written agreement applies. Encrypted backups expire through normal backup rotation within 90 days. Callers may request deletion of their personal data by contacting the shop or support@autoshopvoice.com.
Operational safeguards
AutoShop Voice AI is operated on US-based cloud infrastructure with encrypted storage, network controls, logging, backup procedures, and incident response practices appropriate for a service that handles call recordings, transcripts, SMS content, and shop account data.
Vulnerability disclosure
Security researchers may report suspected vulnerabilities to security@autoshopvoice.com. Please avoid destructive testing, social engineering, spam, denial of service, data exfiltration, or accessing data that is not yours. We aim to acknowledge good-faith reports within five business days.
Allowed testing includes passive review of public pages and testing only accounts, shops, phone numbers, and data you own. Low-rate manual testing that could affect live calls or customer data requires prior approval. Automated scanning, denial of service, spam, phishing, social engineering, physical attacks, testing real shop/caller data, and accessing, modifying, or exfiltrating third-party data are out of scope.
Reports should include the affected URL or object, steps to reproduce, impact, screenshots or logs when safe to share, and suggested severity. Good-faith reports that stay within this policy will not be pursued legally solely because of the research. Duplicate reports are handled based on the first actionable report we receive.
A machine-readable disclosure contact is available at /.well-known/security.txt.
Subprocessors
We use the following third-party services to operate the platform. Detailed provider information, legal entity names, and data processing locations are maintained on our authoritative sub-processor page.
- AI inference — speech-to-text and natural language understanding for voice calls
- Telephony — phone number provisioning and voice/SMS transport
- Payment processing — subscription billing
- Transactional email — delivery of account and notification emails
- Cloud infrastructure — application hosting and database services
See Sub-processors for the authoritative list including legal entity names and data processing locations.
Contact
Security questions or concerns: support@autoshopvoice.com