Security & Compliance

Security as a core requirement, not an afterthought

Dukes Technologies handles real customer data, so the system is built to protect it — encrypted storage, restricted access, continuous monitoring, and compliant infrastructure at every layer.

Encrypted Data

Customer data lives in an encrypted database hosted in secure tech stacks — never in spreadsheets or unsecured tools.

Encrypted in transit & at rest

Information is encrypted end to end, protected both while moving between systems and while stored.

Least-privilege access

Role-based permissions and multi-factor authentication limit access to approved systems and authorized people only.

No direct CRM access

We work from an approved contact list with only the fields a campaign needs — never live access to your full CRM or internal systems.

Audit logging & 24/7 monitoring

Administrative access is logged, and a Security Operations Center (SOC) watches for suspicious activity around the clock, with alerting and incident response.

Compliant voice infrastructure

The AI voice layer is built on SOC 2 Type II–certified infrastructure with HIPAA and GDPR support, including BAAs and DPAs where applicable.

Compliance

Built on audited infrastructure

Our AI voice layer runs on infrastructure with independently audited security controls and documented privacy agreements.

SOC 2 Type IIHIPAAGDPR

Certifications held at the voice-infrastructure level. Business Associate Agreements and Data Processing Agreements available where applicable.

Built around your security requirements

Stricter controls, shorter data retention, additional monitoring, or specific approval workflows — we align the final design with your policies before deployment.

Talk to us about security