Built for procurement review and controlled onboarding, without overstating guarantees that are not contractually documented
Security and Data Handling
This page explains how ChatnCall.ai approaches access control, deployment review, customer data handling, and procurement conversations for business customers.
Workspace access, routing logic, transcripts, and handoff design are treated as governed operational controls
Website and commercial data are generally handled by Shafinity Private Ltd as controller, while customer service data is usually handled under a controller-processor model
Privacy, GDPR, and DPA materials are available during onboarding and commercial review
What we do not claim
We do not advertise contractual SLAs, verified latency benchmarks, UK-only hosting guarantees, or fixed subprocessor commitments unless those are formally documented for the relevant deployment.
Security posture in practical terms
ChatnCall.ai is positioned as a managed business service rather than a self-certified compliance portal. That means we focus on controlled onboarding, scoped deployment review, access governance, transcript visibility, and clear customer discussions about how each workflow should operate.
Access and workspace controls
The platform is designed around controlled configuration paths, operational visibility, transcript review, user permissions, and human handoff options so teams can keep customer-facing automation governed. Access should be limited to authorised users with a business need to configure, review, or manage the relevant workflow.
Operational review and customer safeguards
- Reviewable transcripts and interaction history
- Configurable human handoff paths for cases where automation should stop
- Scoped workflow setup rather than unrestricted autonomous behaviour
- Controlled onboarding conversations before live customer-facing use
How customer data is approached
For website enquiries, demo requests, and account-level business administration, Shafinity Private Ltd generally acts as controller. For customer-service workflows configured by a business customer for its own end users, the customer will usually remain controller of that service data and ChatnCall.ai will usually operate as processor unless the contract says otherwise.
Infrastructure and third-party services
Deployments may involve third-party communication, hosting, security, authentication, or workflow services depending on the channels and integrations being enabled. Final routing, storage, and data handling can depend on the agreed setup, the enabled channels, and the service providers used in that deployment.
Retention, logging, and operational records
Retention periods can vary depending on the type of data, the customer workflow, the agreed service scope, and legal or operational needs. The platform may maintain logs, transcripts, audit-related records, and support history where those records are needed for service operation, review, troubleshooting, or compliance support.
Incident and change handling
We may update, maintain, secure, or adjust the platform over time as the service evolves. Where a deployment needs more formal change management, support expectations, or legal handling terms, those items should be documented in the relevant commercial agreement or onboarding scope rather than assumed from the website alone.
Procurement and onboarding review
If your team needs privacy, GDPR, DPA, or operational review materials, those discussions happen during commercial onboarding so the deployment scope, responsibilities, and data-handling assumptions are clear. Questions can be directed through the commercial onboarding process via sales@chatncall.ai.