Your Customer Data Is Protected
We built Avery with security from day one. Not as an afterthought. Here's exactly how we protect your business and your customers.
Data Encryption
TLS 1.3 in transit, AES-256 at rest. Your call data is encrypted from the moment it hits our servers.
Prompt Injection Hardened
Avery has been tested against adversarial inputs. Four-layer defense: input validation, instruction separation, output filtering, context boundaries.
US-Only Infrastructure
All data stays in US data centers. No offshore processing, no cross-border transfers.
You Own Your Data
Call recordings, transcripts, customer info — all yours. Export anytime. Delete within 24 hours on request.
No AI Training on Your Calls
Your customer conversations never train third-party AI models. Zero data sharing with model providers.
Quarterly Penetration Tests
External security firm audits our systems every 90 days. Findings are patched before they reach production.
Compliance Status
GDPR
EU customer data protection
CCPA
California privacy rights
TCPA
SMS/text regulations
HIPAA-Aware
Medical-adjacent trades (Q3 2026)
SOC 2 Type II
Audit completion Q3 2026
Security Audit Schedule
| Audit Type | Frequency | Owner |
|---|---|---|
| Prompt Injection Test | Weekly | Engineering |
| Access Review | Quarterly | Security |
| Penetration Test | Annually | External Firm |
| Compliance Review | Annually | Legal |
| Incident Drill | Semi-Annually | Operations |
Download the AI Compliance Checklist
25-point security checklist to evaluate any AI service before signing up. See how DevHouse AI compares to your current provider.
Download PDFQuestions about security? Our team is happy to walk you through our practices.