Security

Customers trust AI Enroll with their contact lists and communications. Here is how we protect that data.

Encryption

• All traffic is encrypted in transit with TLS 1.2+.
• Data is encrypted at rest by our infrastructure providers (Convex for the database, Vercel for hosting).

Authentication & access

• Sign-in is handled by Clerk, supporting SSO (Google) and strong session management. Passwords are never stored on our servers.
• Every workspace is a separate tenant. All data access is checked against the caller’s tenant membership on the backend — not just hidden in the UI.
• Role-based permissions (Admin, User, Enroller) plus per-user page permissions let admins limit exactly what each team member can see.

Communications safety

• Webhooks from our telephony and email providers are signature verified before processing.
• Opt-outs are enforced at the platform level: STOP keywords, email unsubscribe links with one-click support, bounce and complaint handling, and per-channel do-not-contact flags that workflows cannot bypass.
• Business texting runs through carrier-registered A2P 10DLC campaigns; calling honors configurable quiet-hours windows by the contact’s local time zone.

Infrastructure

• Hosted on Vercel and Convex — SOC 2 audited cloud platforms with redundant, continuously backed-up storage.
• Per-tenant API keys isolate each customer’s email, voice, and scheduling integrations.
• Production access is limited to authorized personnel.

Responsible disclosure

Found a vulnerability? Email support@aienroll.co with details and we will respond promptly. Please do not access data that is not yours or disrupt the Service while testing.

Live status

Current system availability is published on our Status page.