Most AI answering services say “your data is safe” and leave it at that. We show you the full picture — what data we collect, where it flows, how it's encrypted, and when it's deleted.
Every AI answering service claims to be “compliant” and “secure.” But when you ask them where your data actually goes — where your callers' voices are processed, where their information is stored, how long it's kept — most can't or won't answer.
Under PIPEDA's Accountability Principle, you are responsible for the personal information your service providers handle on your behalf. That means you need to know the full chain — not just the company you're paying, but how your data moves through their system.
This page gives you that picture. Every processing category. Every data type. Every hosting region. How encryption works at each step. And when data gets deleted. The full named vendor list is available in our Data Processing Agreement on request.
Every category of data processing, where it happens, how it's encrypted, and how long it's retained.
| Category | Purpose | Location | Encryption | Retention |
|---|---|---|---|---|
| Primary Database | Persistent storage for all business data, caller records, call metadata, and organization settings | Toronto, Canada | AES encryption at rest, TLS in transit, dedicated encryption key for PII fields | Configurable auto-purge on caller PII (default 90 days); anonymized analytics retained |
| Telephony | Phone number provisioning, call routing, SMS delivery, spam screening | Canadian phone numbers; routing infrastructure in North America | TLS 1.2+ for all signalling and media | Call metadata only — no call audio stored by telephony provider |
| AI Voice Processing | Real-time speech-to-text, AI response generation, and text-to-speech during live calls | United States (encrypted in transit, zero-retention) | TLS 1.2+ encryption on all audio and text streams | Zero-retention — data is processed in real-time and not stored by providers. Not used for AI model training. |
| Call Intelligence | Post-call analysis: sentiment, category, action items, revenue signals | United States (encrypted in transit, zero-retention) | TLS 1.2+ encryption | Zero-retention — only structured metadata is sent (no raw transcripts, no caller PII) |
| Payment Processing | Subscription billing, payment methods, invoicing | United States (PCI-DSS Level 1 certified) | PCI-DSS compliant encryption; tokenized payment methods | No card data stored on Vocatively servers. All payment data handled by certified processor. |
| Email Delivery | Transactional notifications (welcome emails, call alerts, billing receipts) | United States | TLS in transit; encrypted email option available for clients who require it | No sensitive call details included in emails. Delivery logs purged after 90 days. |
| Application Hosting | Backend application runtime (connects to Canadian database) | United States (application layer only) | TLS 1.2+ for all connections; SSL-required database connection to Canada | No persistent business data — all data at rest is in the Canadian database |
| Error Monitoring | Application error tracking and alerting | United States | TLS in transit | PII scrubbed before transmission. Error logs retained for 90 days. |
Persistent storage for all business data, caller records, call metadata, and organization settings
Encryption: AES encryption at rest, TLS in transit, dedicated encryption key for PII fields
Retention: Configurable auto-purge on caller PII (default 90 days); anonymized analytics retained
Phone number provisioning, call routing, SMS delivery, spam screening
Encryption: TLS 1.2+ for all signalling and media
Retention: Call metadata only — no call audio stored by telephony provider
Real-time speech-to-text, AI response generation, and text-to-speech during live calls
Encryption: TLS 1.2+ encryption on all audio and text streams
Retention: Zero-retention — data is processed in real-time and not stored by providers. Not used for AI model training.
Post-call analysis: sentiment, category, action items, revenue signals
Encryption: TLS 1.2+ encryption
Retention: Zero-retention — only structured metadata is sent (no raw transcripts, no caller PII)
Subscription billing, payment methods, invoicing
Encryption: PCI-DSS compliant encryption; tokenized payment methods
Retention: No card data stored on Vocatively servers. All payment data handled by certified processor.
Transactional notifications (welcome emails, call alerts, billing receipts)
Encryption: TLS in transit; encrypted email option available for clients who require it
Retention: No sensitive call details included in emails. Delivery logs purged after 90 days.
Backend application runtime (connects to Canadian database)
Encryption: TLS 1.2+ for all connections; SSL-required database connection to Canada
Retention: No persistent business data — all data at rest is in the Canadian database
Application error tracking and alerting
Encryption: TLS in transit
Retention: PII scrubbed before transmission. Error logs retained for 90 days.
Full named vendor list available in our Data Processing Agreement. Request a DPA
Last updated: June 2026. We update this page whenever our processing chain changes.
Our database — where all your caller records, phone numbers, call metadata, and organization data are permanently stored — is in Toronto, Canada. Phone numbers are encrypted at rest with a dedicated encryption key, and caller PII is automatically purged after your configured retention period (default 90 days).
During a live call, real-time voice processing (speech-to-text, AI response generation, text-to-speech) flows through US-based providers over encrypted connections. These providers operate under zero-retention agreements — your call data is processed in real-time and not stored on their servers. This is the industry standard for AI voice — virtually every AI answering service uses the same approach. The difference is: we tell you this upfront.
Under PIPEDA, cross-border data transfers are permitted when adequate safeguards are in place. Our safeguards: zero-retention agreements with all processing providers, no use of your data for AI model training, encryption in transit (TLS 1.2+), and all persistent data stored in Canada.
Step by step — where your data goes, how it's protected, and where it ends up.
The call arrives at your Canadian phone number. Our 5-layer spam screening checks the caller against known spam databases and verifies caller identity before the AI picks up.
The AI receptionist answers, discloses that the call is being recorded, and has a natural conversation. Speech is transcribed to text, the AI generates a response, and text is converted back to speech — all in real-time over encrypted connections.
When the call ends, the structured call record — caller name, phone number, reason for call, transcript, and recording — is saved to our Canadian database in Toronto. Phone numbers are encrypted at rest with a dedicated encryption key, separate from application secrets.
Our post-call analysis extracts structured metadata: call category, sentiment, action items, and revenue signals. Only this structured data is sent for analysis — no raw transcripts, no caller phone numbers, no PII.
A notification is sent with the caller's name and reason for calling. Sensitive details stay in your encrypted dashboard — never in email. Encrypted email is available for clients who require it.
After your configured retention period (default 90 days), our automated system anonymizes detailed call records and purges caller PII. Healthcare clients typically keep 90 days; general business clients can retain records for up to 2 years. Runs weekly — no manual intervention, fully auditable.
Before choosing any AI answering service, ask them these questions. Then ask us.
Step-by-step breakdown of what happens to your data on every call — where it goes, how it's encrypted, and what gets stored where.
All persistent data — caller records, phone numbers, transcripts, recordings, organization settings — stored in Toronto, Canada. Not “Canadian servers” with no proof.
We tell you upfront that real-time voice AI uses US-based providers with zero-retention. Others claim “all Canadian” without disclosing where voice data actually goes.
Caller phone numbers encrypted with a dedicated encryption key (separate from application secrets). Cryptographic hash for repeat-caller detection without decryption.
Scheduled tasks automatically anonymize caller PII after your configured retention period (default 90 days, up to 2 years for general business). Runs weekly. No manual intervention. Fully auditable.
PIPEDA-compliant DPA available on request. Includes full named vendor list, data handling obligations, breach notification timelines, and deletion rights.
If you're evaluating AI phone services, ask these questions. Any provider serious about privacy should answer all of them.
"Canadian servers" without a named region is a marketing claim, not a technical guarantee. Ask for the specific data centre location.
Nearly every AI voice service processes audio through US-based speech and language model providers. If they claim "all Canadian" processing, ask them to explain their speech-to-text, AI model, and text-to-speech pipeline.
If they can't produce one, they may not fully understand their own data flows — or they don't want you to see them.
Under PIPEDA's Accountability Principle, you're responsible for what your processors do with personal information. A DPA documents those obligations — and should name every vendor in the chain.
Manual deletion means it probably doesn't happen consistently. Automated purge with audit logs is the standard you should expect.
TLS (in transit) is table stakes — every website uses it. Encryption at rest with a dedicated key is what actually protects stored personal information if a database is compromised.
We don't keep your data forever. Our automated system ensures personal information is purged on schedule, while preserving the analytics you need for business decisions.
Full call records with caller name, phone (encrypted), transcript, and recording. PII fields automatically anonymized after your configured retention period (90 days default, up to 2 years for general business).
Call counts, category breakdowns, peak hours, sentiment trends. No PII — just the numbers you need to understand your business.
Fully anonymized, aggregated statistics with no way to trace back to any individual. Used for service improvement and industry benchmarks.
We provide a PIPEDA-compliant Data Processing Agreement on request. It includes our full named vendor list, breach notification timelines, and your deletion rights.
compliance@vocatively.appWant to know more about how we handle data, our encryption approach, or our retention policies? We're happy to walk you through it.
support@vocatively.app