Compliant by Design, Not by Afterthought
Compliant AI for outbound sales and inbound call handling. Built in the EU, for the EU.
Why Compliance Matters for AI Calling
The regulatory landscape for AI in sales is changing. Most US-based competitors ignore EU regulations. We don't.
EU AI Act (August 2026)
Article 50 requires AI disclosure at the start of every AI-powered conversation — whether outbound sales calls or inbound customer inquiries. Non-compliance risks fines up to €30M or 6% of global revenue.
GDPR (Since 2018)
Requires consent, data minimization, right to erasure, and audit trails for all customer interactions including inbound call recordings. Fines up to €20M or 4% of global revenue for violations.
EU AI Act Article 50
Transparency Compliance
Ringvox is already compliant with the EU AI Act, effective August 2, 2026.
1. Deterministic Disclosure
Every call starts with a hardcoded AI disclosure. Not LLM-generated — fully deterministic and auditable.
2. Configurable Disclosure
Customize disclosure wording to match your brand voice while maintaining regulatory compliance. Edit from your dashboard settings.
3. Audit Trail
All calls are recorded. Disclosure always happens first. Full audit trail for regulatory compliance.
4. System Classification
Our AI calling system is classified under transparency obligations (Article 50), not high-risk systems. Lower compliance burden.
5. Inbound Call Disclosure
Inbound callers are informed they're speaking with AI immediately. The greeting includes an AI disclosure statement, ensuring compliance even for unexpected callers.
Timeline: EU AI Act enforcement begins August 2, 2026. Ringvox is already compliant.
GDPR Compliance
Built for EU Data Privacy
GDPR-native data handling from day one.
EU Data Residency
All data stored in EU-region Supabase servers. No data transfer to US or non-EU jurisdictions.
Consent Management
Track consent for each contact. Opt-out handling. Suppression list management for GDPR and DNC compliance.
Right to Erasure
One-click contact deletion. All associated data (calls, recordings, transcripts) removed permanently.
Data Minimization
Only collect data necessary for call execution. No unnecessary tracking or profiling.
Suppression Lists
Maintain do-not-call lists. Automatic screening before every campaign. CSV bulk import support.
Audit Logging
Full audit trail of all data access, modifications, and deletions. Immutable logs for compliance.
Inbound Call Recording Consent
Inbound calls inform callers about recording at the start. Consent is obtained before any data collection. Callers can opt out at any time.
Caller Data Handling
Inbound caller information (phone number, name, inquiry details) is processed with legitimate interest basis. Data retained only as long as necessary for business purpose.
Security
Enterprise-Grade Data Security
Your data is protected at every layer.
🔒 Encryption
TLS 1.3 for data in transit. AES-256 encryption at rest. All API keys hashed with SHA-256.
👥 Role-Based Access Control
Owner, Admin, Member, and Viewer roles. Granular permissions for team access management.
🔑 API Key Authentication
Secure API key generation with prefix-based lookup and timing-safe verification. One-time display at creation.
🛡️ Multi-Factor Authentication
Optional MFA enrollment with recovery codes. Login history tracking for suspicious activity detection.
📧 Invite-Only Access
No public signups. All users must be invited by organization owners or admins. Email verification required.
📜 Login History
30-day login history with IP addresses and timestamps. Detect unauthorized access attempts.
Competitive Advantage: Built for the EU
Most US-based AI calling platforms ignore EU regulations. We don't.
| Feature | Ringvox | Typical US Competitor |
|---|---|---|
| EU AI Act Article 50 Disclosure | ✓ | — |
| EU Data Residency | ✓ | — |
| GDPR Right to Erasure | ✓ | — |
| Suppression List Management | ✓ | ✓ |
| Audit Logging | ✓ | — |
| Consent Tracking | ✓ | — |
| Inbound AI Disclosure | ✓ | — |
| Inbound Data Consent | ✓ | — |
Comparison based on publicly available documentation from leading US-based AI calling platforms as of February 2026.
Inbound Compliance
Inbound AI Agent Compliance
Additional compliance measures for inbound call handling.
- 1
AI Disclosure in Greeting Message
EU AI Act Article 50 compliance: Callers are informed immediately that they're speaking with AI.
- 2
Call Recording Consent Notification
GDPR + ePrivacy: Callers are informed about recording and can opt out before data collection begins.
- 3
Business Hours Transparency
After-hours handling disclosure: Callers are informed when calling outside business hours and what to expect.
- 4
Data Minimization for Caller Information
GDPR Article 5: Only essential information (phone number, inquiry context) is collected and stored.
- 5
Right to Erasure for Caller Records
GDPR Article 17: Caller data and recordings can be deleted on request with full audit trail.
- 6
EU Data Residency for Call Recordings
All inbound call recordings, transcripts, and caller information stored in EU-region servers.
- 7
Transfer Disclosure
Callers are informed when being transferred to a human agent, maintaining transparency throughout the interaction.
Ready to Deploy Compliant AI?
Deploy with confidence. Full EU compliance from day one.
Both outbound campaigns and inbound agents fully compliant from day one.