DRAFT FOR REVIEW
hthr.ai logohthr
DRAFT FOR REVIEW - PENDING LEGAL APPROVAL

Enterprise-Grade Security & Data Privacy

Your Trust Center for understanding how HTHR protects your voice recordings, emails, CRM data, and integrations with major platforms.

Last Updated: January 24, 2026

Status: Internal Draft / Pending Legal Review

AES-256 Encryption
SOC 2 Type II
GDPR Compliant
OAuth 2.0

1. Data Encryption & Storage

We employ industry-leading security protocols to ensure your data remains private and secure:

Encryption at Rest

All data stored on our servers, including call recordings and training documents, is encrypted using AES-256 standards.

Encryption in Transit

All communications between your browser, our platform, and our AI agents are protected via TLS 1.2+ encryption.

SOC 2 Compliant Infrastructure

HTHR is hosted on secure, world-class cloud infrastructure (AWS/Google Cloud) that maintains SOC 2 Type II and ISO 27001 certifications.

2. Secure Integrations

HTHR connects to your existing tools using the highest security standards available:

OAuth 2.0

We use secure OAuth protocols to connect with Google Workspace, Microsoft Outlook, HubSpot, and Salesforce.

No Stored Passwords

HTHR never sees or stores your third-party passwords; we access data only via secure, limited-scope tokens.

Scoped Access

We only request the minimum permissions necessary to perform the tasks you assign to your AI agent.

3. AI Privacy & Training

We believe your data belongs to you:

Data Isolation

Your company's knowledge base and training documents are isolated to your specific account instance.

No Public Training

We do not use your proprietary business data or private call recordings to train our global AI models.

Automatic Redaction (Planned)

Our system is designed to identify and redact sensitive PII during call transcript analysis.

4. Regulatory Compliance

HTHR is built with global compliance standards in mind:

GDPR & CCPA

We provide tools for users to exercise their data rights, including data deletion and portability.

TCPA & CAN-SPAM

Our AI agents are programmed to respect 'Do Not Call' lists and include proper opt-out mechanisms in all email outreach.

Secure Configuration

For our medical and healthcare use cases, HTHR is designed to be securely configured.

5. Responsible AI Governance

Human-in-the-Loop

Users can enable 'Approval Mode' to review AI-generated drafts before they are sent to leads.

Audit Logs

Every call summary, diagnostic, and sentiment score is logged and available for your review at any time.

Security Inquiries

For security-related questions or to request our security documentation, please contact us at security@hthr.ai