Trust Center

Security controls for recorded-call address extraction

VoiceAddress processes sensitive operational recordings, transcripts, and address results. These are the controls currently built into the product and the production requirements customers should expect before broad rollout.

Tenant-scoped access

Dashboard, API keys, jobs, exports, and mutations are scoped to the authenticated user or organization.

HTTPS and signed webhooks

Production traffic is served over HTTPS. Stripe webhook events are accepted only with a valid Stripe signature.

Scoped API credentials

API keys are hashed at rest, displayed only once, and can be limited to read and write extraction scopes.

Retention cleanup

Scheduled cleanup can redact transcripts after 24 hours and Google-derived validation fields after 30 days.

Upload hardening

Media uploads are checked by size, signature, tenant identity, rate limit, and ffmpeg resource limits before processing.

Production data store

Managed Postgres is required for durable subscription state, API keys, rate limits, and customer-ready audit history.

Data handling

Users should upload only recordings they are authorized to process. The product stores job metadata and address results for review, while transcript and provider cache retention can be reduced by scheduled cleanup.

Customer responsibilities

Customers are responsible for recording consent, regulated-data approvals, internal access policies, and deciding whether extracted results require human review before dispatch, delivery, billing, or compliance decisions.

Before enterprise use

Enable managed Postgres, object storage, malware scanning, worker isolation, centralized audit logs, backups, monitoring, incident response, and signed DPA terms.

Need a deeper review?

Production customers should request a data-processing review before uploading regulated or high-risk recordings.
