Skip to content

Commit 6cb357f

Browse files
committed
added a new section and updated faq.
Signed-off-by: sahil suman <sahilsuman933@gmail.com>
1 parent 16607bd commit 6cb357f

File tree

3 files changed

+140
-12
lines changed

3 files changed

+140
-12
lines changed

fern/docs.yml

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -448,26 +448,27 @@ navigation:
448448
contents:
449449
- page: Support
450450
path: support.mdx
451-
451+
- page: RSS Feed
452+
path: rss-feed.mdx
452453
- section: Enterprise
453454
contents:
454455
- page: Vapi Enterprise
455456
path: enterprise/plans.mdx
456457
- page: On-Prem Deployments
457458
path: enterprise/onprem.mdx
458-
- page: HIPAA Compliance
459-
path: security-and-privacy/hipaa.mdx
460-
- page: PCI Compliance
461-
path: security-and-privacy/PCI.mdx
462-
- link: SOC-2 Compliance
463-
href: https://security.vapi.ai/
464-
465459
- page: Glossary
466460
path: glossary.mdx
467-
468-
- page: RSS Feed
469-
path: rss-feed.mdx
470-
461+
- section: Security and Privacy
462+
collapsed: true
463+
contents:
464+
- page: GDPR Compliance
465+
path: security-and-privacy/GDPR.mdx
466+
- page: HIPAA Compliance
467+
path: security-and-privacy/hipaa.mdx
468+
- page: PCI Compliance
469+
path: security-and-privacy/PCI.mdx
470+
- link: SOC-2 Compliance
471+
href: https://security.vapi.ai/
471472
- section: Legal
472473
collapsed: true
473474
contents:

fern/security-and-privacy/GDPR.mdx

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
---
2+
title: "GDPR Compliance"
3+
subtitle: Learn how Vapi ensures GDPR compliance for its voice assistant platform.
4+
slug: security-and-privacy/GDPR
5+
---
6+
7+
At Vapi, safeguarding your personal data is our top priority. In full alignment with the General Data Protection Regulation (GDPR), we maintain robust standards for data protection and privacy. This document provides an overview of our data processing practices, legal bases, data subject rights, and the security measures we employ—all designed to ensure that your data is managed with the utmost care.
8+
9+
## Data Processing & Legal Bases
10+
11+
Our operations involve the secure processing of various types of personal data to enhance and deliver the Vapi service. We process information such as email addresses, names, phone numbers, physical addresses, usage statistics, and location data. The legal grounds underpinning this processing are:
12+
13+
- **Consent:** Users voluntarily provide consent for non-essential data processing (e.g., location-based services and marketing communications). This consent can be withdrawn at any time.
14+
- **Contractual Necessity:** We process the data essential for fulfilling the services offered through Vapi, as detailed in our terms of service.
15+
- **Legitimate Interests:** Data is processed to improve service functionality, enhance security, and analyze usage patterns, provided that our legitimate interests do not override your rights.
16+
17+
## Data Subject Rights
18+
19+
Vapi ensures that every user benefits from the robust rights granted by the GDPR. These rights include:
20+
21+
- **Right to Access:** You can request and obtain a copy of your personal data.
22+
- **Right to Rectification:** If your data is inaccurate or incomplete, you can request corrections.
23+
- **Right to Erasure (Right to be Forgotten):** Under certain conditions, you can ask for your personal data to be deleted.
24+
- **Right to Restrict Processing:** You have the option to limit how your data is processed.
25+
- **Right to Data Portability:** You can obtain and transfer your data in a structured, commonly used format.
26+
- **Right to Withdraw Consent:** If your data processing is based on consent, you can withdraw it at any time.
27+
28+
## Data Security Measures
29+
30+
We deploy a range of technical and organizational safeguards to protect your personal data from unauthorized access, alteration, disclosure, and destruction, including:
31+
32+
- **Encryption:** Data is encrypted in transit and at rest.
33+
- **Secure Server Configurations:** Our infrastructure is optimized for enhanced security.
34+
- **Access Controls:** Strict controls ensure that only authorized personnel access sensitive data.
35+
- **Regular Assessments:** Security audits and penetration tests are routinely performed to identify and address vulnerabilities.
36+
37+
## Third-Party Data Processors
38+
39+
To provide a best-in-class experience, Vapi partners with several reputable third-party providers, all of which comply with our GDPR standards. These include:
40+
41+
- **Analytics Tools:**
42+
- *Google Analytics*
43+
- *Cloudflare Analytics*
44+
- *Segment.io*
45+
- *Mixpanel* (with opt-out options)
46+
- *PostHog*
47+
48+
- **CI/CD and Development Platforms:**
49+
- *GitHub*
50+
51+
- **Payment Processors:**
52+
- *Stripe*
53+
54+
Each of these providers is carefully selected and operates under strict data protection agreements to ensure that your data remains secure.
55+
56+
## Transborder Data Transfers
57+
58+
In cases where personal data is transferred outside the European Union (primarily to the United States), we ensure that all transfers are governed by legally approved safeguards such as standard contractual clauses. These measures guarantee that your data receives the same level of protection, regardless of where it is processed.
59+
60+
## Compliance Testing & Continuous Improvement
61+
62+
To reinforce our GDPR compliance, we conduct routine testing and audits including:
63+
64+
- **Penetration Testing:** Confirming there are no critical vulnerabilities.
65+
- **Compliance Audits:** Verifying that our data processing practices adhere to GDPR standards.
66+
- **Role-Based Access Control Tests:** Ensuring that access to personal data is strictly limited to authorized personnel.
67+
- **Data Breach Simulations:** Evaluating the efficiency of our incident response plans.
68+
- **User Consent Management Tests:** Checking the ease and accuracy of obtaining or withdrawing user consent.
69+
- **Data Recovery and Deletion Tests:** Ensuring our backup systems and deletion protocols function as required.
70+
71+
These measures ensure that our data protection systems remain robust, up-to-date, and fully compliant with the ever-evolving data protection landscape.
72+
73+
## Conclusion
74+
75+
Vapi’s dedication to safeguarding your personal data is unwavering. Our comprehensive compliance framework not only meets but exceeds the minimum requirements of the GDPR, ensuring that your privacy and data security are always at the forefront of our operations.
76+
77+
For further details, please contact our Data Protection Officer or review our detailed [GDPR Report](https://security.vapi.ai/).
78+

fern/snippets/faq-snippet.mdx

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,4 +57,53 @@ To learn more about Vapi’s pricing, you can visit our [pricing page](/pricing)
5757
Vapi also has some of the lowest latency & (equally important) highest reliability amongst any other voice AI platform built for developers.
5858

5959
</Accordion>
60+
<Accordion title="Can we achieve latency of around 800 milliseconds?" icon="bolt" iconType="solid" defaultOpen={false}>
61+
62+
Yes, Vapi is designed to achieve low latency, typically around 800 milliseconds for end-to-end voice processing. Our infrastructure is optimized for real-time communication, and we continuously work to minimize latency through various optimizations in our pipeline.
63+
64+
</Accordion>
65+
<Accordion title="Do you offer competitive per-minute pricing if we commit to a consistent monthly volume?" icon="chart-line" iconType="solid" defaultOpen={false}>
66+
67+
Yes, we offer volume-based pricing discounts for customers with consistent monthly usage. The more minutes you commit to, the better the per-minute rate. We're happy to discuss custom pricing plans based on your specific volume requirements and use case.
68+
69+
</Accordion>
70+
<Accordion title="Can your platform handle high levels of concurrency, ideally between 100 to 500 sessions daily?" icon="server" iconType="solid" defaultOpen={false}>
71+
72+
Absolutely. Our platform is built to handle high concurrency, and 1000+ concurrent sessions is well within our capacity. We've designed our infrastructure to scale horizontally, ensuring reliable performance even during peak usage periods. For enterprise customers with specific scaling needs, we can discuss custom solutions.
73+
74+
</Accordion>
75+
<Accordion title="Are you compliant with HIPAA, SOC 2, and GDPR?" icon="shield-check" iconType="solid" defaultOpen={false}>
76+
77+
Yes, we take compliance seriously. Vapi is:
78+
- HIPAA compliant for healthcare applications
79+
- SOC 2 Type II certified
80+
- GDPR compliant for handling EU data
81+
- Regularly audited to maintain these certifications
82+
83+
For detailed compliance documentation and reports, please visit our [security portal](https://security.vapi.ai/).
84+
85+
</Accordion>
86+
<Accordion title="How do you handle PII and PHI securely?" icon="lock" iconType="solid" defaultOpen={false}>
87+
88+
We implement multiple layers of security for PII and PHI:
89+
- End-to-end encryption for all data in transit
90+
- Secure storage with encryption at rest
91+
- Strict access controls and audit logging
92+
- Regular security assessments and penetration testing
93+
- Data minimization practices
94+
- Secure data deletion protocols
95+
96+
All data handling practices are documented in our security policies and compliance frameworks.
97+
98+
</Accordion>
99+
<Accordion title="Do you support white-labeling and on-premise deployments?" icon="building" iconType="solid" defaultOpen={false}>
100+
101+
Yes, we offer both white-labeling and on-premise deployment options:
102+
103+
- **White-labeling:** Custom branding, domain, and UI customization
104+
- **On-premise:** Full deployment within your infrastructure
105+
106+
These options are available for enterprise customers. Please contact our sales team to discuss your specific requirements.
107+
108+
</Accordion>
60109
</AccordionGroup>

0 commit comments

Comments
 (0)