Dialpad protects your business and customer communications with enterprise-grade security that’s built right in.
Let's go over some common security questions.
Are there session timeouts?
Yes - sessions are timed out after 30 days for Dialpad.com and the desktop apps (Mac, Windows, Chrome). The same is true for both mobile apps (iOS and Android) as long as the app isn't forcibly shut down.
If that does happen, the session restarts at 0 the next time the app is restarted.
Is Diapad HIPAA compliant?
Yes, we are HIPAA-ready. Healthcare industry customers can sign a Business Associate Agreement (BAA)with one click to get up and running. For additional details, check out our Help Center article on Dialpad's HIPAA compliance.
Is Dialpad GDPR compliant?
Dialpad helps organizations meet their GDPR compliance requirements through features such as retention policies, data subject access requests, and individual consent mechanisms. Dialpad customers can sign a Data Processing Agreement (DPA)that addresses GDPR and beyond.
Can I delete or anonymize data in bulk for GDPR compliance?
Yes—Dialpad provides bulk action tools to help you stay compliant with GDPR and other data privacy regulations. You can delete call content or anonymize multiple contacts at once, making it easier to fulfill large-scale data deletion requests, such as those related to a user’s right to be forgotten.
Is Dialpad ISO certified?
Yes. Dialpad’s infrastructure and processes are annually certified against ISO 27001:2022 (Information security management), ISO 27017:2015(Information Security in the cloud), and ISO 27018:2019 (PII for public cloud processors).
Can I set data retention policies?
Absolutely! Dialpad Users can set their own retention policies to remove, archive, or anonymize data on a custom time interval.
Dialpad company customers and end-users may file Data Subject Access Requests for disclosure, export, and deletion at the Dialpad DSAR Portal.
Where and how is my data stored?
All permanent customer data, such as contact lists, call records, recordings, and transcripts, is stored in the United States via Google Cloud Platform, and backed up daily. Transient customer data through Dialpad's data centers is held for no more than 72 hours.
Are Dialpad integrations secure?
Native authentication and authorization mechanisms are used for the integrations built with our partners to ensure that permissions and data are accessed through verified protocols such as OAuth. Dialpad also gives customers control to manage the integrations to turn on and off data or permission access at the source. Furthermore, Dialpad goes through regular security reviews of its integrations with providers such as Google and SalesForce to be listed on the providers’ application directories.
How does Dialpad protect us from web application hacks?
Quarterly penetration tests are run by an independent third-party tester on our new features and products to test against web application attacks, such as those identified within the OWASP Top 10. Dialpad also enables security scanners and security checks in continuous integration pipelines to ensure that common web application attacks are mitigated prior to deploying new releases. Dialpad also implements technical controls such as rate-limiting to protect against unauthorized traffic attacks.
How do I get a Support Code?
Support Codes allow Dialpad Support to confirm who they are talking to, which prevents fraud and ensures no malicious changes are made to your account.
Depending on the issue you're troubleshooting, Dialpad Customer Support might ask you for a Support Code.
They'll either ask you to generate one from your profile, or they'll create one for you and ask you to read it back.
To view or generate a Support Code, head to Your Settings and navigate to Support Code.
If you need a new Support Code, select Generate New Support Code.
.png)