Security Overview & Trust Center

Overview

Fluenty is built with security and privacy as core principles.

This page provides an overview of how Fluenty approaches security, data protection, and operational safeguards. It is intended to give customers and partners transparency into our practices.

Fluenty is an independent product and is not affiliated with Retell AI.

Product Scope

Fluenty provides:

• A web widget for chat and browser-based voice calls
• Widget configuration and customization tools
• Event-based analytics dashboards
• Account and subscription management

Fluenty does not:

• Provide AI models
• Process AI conversations
• Store chat transcripts or call audio
• Train AI systems

AI conversations and voice calls are handled by Retell AI under their own policies and infrastructure.

Data Handling Principles

Minimal Data Collection

Fluenty follows a data minimization approach:

• We collect only the data required to operate the service
• We do not collect or store AI conversation content
• We collect only event-based widget analytics (loads, opens, starts)

Clear Separation of Responsibilities

• Retell AI handles all AI conversation processing
• Fluenty handles widget UI, configuration, and analytics
• Customers retain control over their Retell AI agents and configurations

Security Controls

Infrastructure Security

• Encrypted data transmission using HTTPS and WebRTC
• Secure hosting and infrastructure providers
• Environment isolation between production and non-production systems
• Regular dependency and platform updates

Access Controls

• Authentication handled via Kinde
• Role-based access to the Fluenty dashboard
• Least-privilege access principles
• Secure session management

Payment Security

• Payments processed by Stripe
• Fluenty does not store full payment card details
• PCI compliance is handled by Stripe

Monitoring and Abuse Prevention

• Rate limiting and abuse prevention mechanisms
• Monitoring for unusual or malicious activity
• Logging for operational and security purposes
• Ability to suspend or disable widgets if misuse is detected

Data Retention

• Account data is retained while the account is active
• Widget analytics data is retained for up to 24 months
• Data is deleted or anonymized upon account deletion unless legally required

Details are described in the Privacy Policy and DPA.

Incident Response

In the event of a security incident:

• We investigate promptly
• We take reasonable steps to contain and mitigate impact
• We notify affected customers when legally required
• We cooperate with customers to support their compliance obligations

Subprocessors

Fluenty uses trusted subprocessors to operate the service, including:

• Kinde (authentication and identity management)
• Stripe (payment processing)
• Infrastructure and hosting providers

All subprocessors are subject to contractual data protection obligations.

Compliance Approach

Fluenty is designed to align with applicable global data protection and security principles, including:

• GDPR and UK GDPR
• CCPA / CPRA
• LGPD
• General international privacy standards

Note:

Fluenty does not currently hold SOC 2 or ISO 27001 certifications.

Our security practices are designed with recognized industry standards and SOC 2 principles in mind.

Customer Responsibilities

Customers are responsible for:

• Proper configuration of widgets and Retell AI agents
• Monitoring AI behavior and outputs
• Ensuring legal disclosures to end users
• Complying with applicable laws and regulations

Transparency and Updates

Security practices evolve as the product grows.

We review and update this page as necessary to reflect changes in technology, risk, or legal requirements.

Contact

For security or trust-related questions, please contact:

• Email: [email protected]
• Website: https://fluenty.io