Sign Up Now!

Data Security Policy

Vokals Data Security Policy

Find all information pertaining to our Data Security Policy‍

  1. Scope
    • The following describes Vokals Data Security Policy. This policy may be updated from time to time, however, terms effective at the time of signing a Proposal will apply throughout the duration of the applicable Term.
    • Defined terms provided under clause 1 of the Vokals SaaS Terms and Conditions shall apply to this policy.‍
  2. Organisational Access Control
    • Vokals employees are required to comply with the company’s policies and procedures. These policies include:
  • an obligation to not disclose proprietary or confidential information (including Subscriber-related information) to unauthorised parties; and
  • an obligation to report any known security incidents to the company’s management for investigation and action.
    • Vokals employees do not have direct access to Subscriber Data, except where necessary on a need-to-know basis to undertake:
  • Technical support.
  • system management, maintenance, backups; and
  • other actions authorised by the Subscriber in writing.
    • Vokals trains its employees on the importance of information security and the Company’s approach to maintenance of information security. This training is conducted at the commencement of the employment and at regular intervals after commencement.
  1. Cloud Infrastructure
    • Vokals uses AWS cloud infrastructure provider to host its platform and associated components.
    • AWS policies are listed as:
  1. Technical Security Measures
    • The Platform will include reasonably up-to-date versions of system security agent software which will include reasonably current and tested malware protection, patches and anti-virus protection.
    • Vokals will create a disaster recovery plan designed to provide appropriate technical and operational controls to deliver the recovery time objective (RTO) and recovery point objective (RPO), as outlined in its Service Level Policy.
    • Unless otherwise agreed by Vokals in writing, Subscriber are prohibited from performing their own penetration testing on any system of Vokals.
    • Vokals ensures that database infrastructure is segregated from the application servers and the internet via firewalls.
    • AI Vector databases for knowledge management are segregated for tenant isolation.
    • All communications are encrypted between the data exporter and the data centres using high-grade encryption (AES-256).
    • Access to Vokals on-demand applications and services is only available:
  • through secure sessions (https); and
  • with an authenticated login and password.
    • Passwords for Vokals on-demand applications and services are never transmitted or stored in their original form.
    • Several customers share the same platform instance that are hosted on the same physical machine and are isolated from each other through physical or database segregation.
  • Vokals application infrastructure is protected against intrusion by industry standard firewalls at the network, host, and application levels.
  1. ‍AI & Data Handling
    • AI models do not use subscriber personal data for training unless expressly authorised.
    • BYO models supported with secure API key management.
    • Conversation summaries and embeddings respect minimization and expiry rules.
  2. Third-Party Services
    • Interoperability with Bright Pattern, CRMs and other partners are allowed under customer control.
    • Responsibility shared — Vokals ensures third-party providers used by us comply with standards, while subscribers remain responsible for their chosen third-party integrations.
  3. Exclusions
    • The Platform may allow third party services interoperating with it to access, use, or otherwise process and transmit Subscriber Data.
    • This Data Security Policy does not apply to any processing, storage, or transmission of data outside the Platform.
    • Vokals is not responsible for the security practices (or any acts or omissions) of any third-party service providers engaged by or on behalf of Subscriber.
    • The Data Security Policy excludes:
  • Data or information shared with Vokals that is not stored in the Platform; and
  • Data in a Subscriber’s virtual private network (VPN) or a third-party network other than one that is under a contract with Vokals to assist Vokals in fulfilling its obligations to that Subscriber.
    • Vokals excludes liability for any data used, processed, stored or transmitted by a Subscriber or other third parties in violation of these terms and conditions.
  1. Disclaimer & Customer Responsibilities
    • Vokals takes all reasonable steps to secure and protect personal information in accordance with the Australian Privacy Principles.
    • Customers are responsible for the type of information they choose to share and store within the platform. Uploading unnecessary, excessive, or unrelated personal information is discouraged.
    • Where Vokals provides integrations with trusted third-party services (e.g. AWS hosting, Bright Pattern connectors), we ensure those providers meet appropriate security and compliance standards.
    • Where customers choose to connect Vokals with other third-party services under their own control, the customer remains responsible for the privacy and security practices of those services.

Vokals is an AI-powered chatbot platform helping businesses automate conversations, support customers, and scale smarter — all with ease and flexibility.

Quick Links

Contact Us

Social Media Links

Linkedin-in

VOKALS.IO © 2025 | All rights reserved.