Compliance & Data Privacy at Orifox

We design our AI Chatbot, CRM and Auto-Dialer to meet strong privacy and security standards — GDPR-ready, encrypted, auditable, and enterprise-friendly.

Our Compliance Commitments

Orifox follows a privacy-first approach across product design, hosting, data processing and customer support. Below are the core commitments that govern how we handle personal data.

G
GDPR-Ready
Processes, data subject rights handling, and data processing agreements available for EU customers.
E
End-to-End Encryption
Data is encrypted in transit (TLS 1.2+) and at rest using industry-standard AES-256 when stored.
A
Access Controls & Audit Logs
Role-based access, admin controls, and immutable audit trails for sensitive actions.
P
Privacy by Design
Minimal data retention, configurable retention policies, and consent-first data collection.
C
Compliance Documentation
Data Processing Agreement (DPA), Security Whitepaper, and SOC / audit summaries available on request.

Security & Audits

We run regular vulnerability scans, third-party penetration tests, and periodic security reviews. Our hosting partners provide physical and network security controls to safeguard customer data.

  • Penetration testing & vulnerability management
  • Periodic security audits and patch management
  • Encrypted backups and secure key management

Data Retention & Deletion

Customers control retention policies. Data can be retained for the minimum time required to deliver services, and full deletion is available on request (subject to legal obligations).

Data Residency & Hosting

We support region-based hosting options (where available) to help meet local regulations. Contact sales for dedicated or on-premise options.

Data Subject Rights

We provide mechanisms to fulfill data subject requests, including:

  • Access to personal data
  • Rectification & portability
  • Restriction & erasure (right to be forgotten)
  • Objection to processing

To exercise a right, contact our Data Protection Officer (DPO) at info@orifox.com or use the portal in your account settings.

Frequently Asked Questions

Is Orifox GDPR compliant?
We provide GDPR-compliant processes and a Data Processing Agreement for customers handling EU personal data.
How does Orifox secure call recordings and chat logs?
Call recordings and chat logs are encrypted at rest and access-controlled. Only authorized users with proper roles can play or download recordings.
Do you share data with third parties?
We only share data with subprocessors necessary for service delivery (hosting, SMS/telephony providers). All subprocessors are vetted and bound by contract.
Can we get compliance docs for audits?
Yes — request our Security Whitepaper, DPA, and audit summaries via info@orifox.com.