top of page

RAautoPause Privacy Policy

 1️⃣ Privacy Policy
Secure Pause – Privacy Policy

Last Updated: January 2026

1. Overview

Secure Pause is a compliance-focused software product designed to automate call recording pause and resume actions based on agent application context. Secure Pause collects minimal operational metadata and does not collect customer content or personal data beyond what is required to provide the service.

2. Information We Collect

  1. Information Collected Automatically

  2. Agent identifier (UUID)

  3. Agent display name

  4. Pause and resume timestamps

  5. Pause duration

  6. Conversation identifier (UUID)

  7. Sanitized application URLs (domain and path only)

  8. Information We Do Not Collect

  9. Audio recordings

  10. Call transcripts

  11. Customer names or phone numbers

  12. Keystrokes

  13. Screen content

  14. Browser cookies

  15. Authentication credentials

3. Use of Information

Collected data is used solely to: Enforce recording compliance, Generate operational reports, Support audit and compliance reviews

4. Data Minimization

Secure Pause applies server-side sanitization to all URLs to remove: 

  1. Query parameters

  2. Tokens

  3. Identifiers

  4. Fragments

  5. Only application domain and path are stored.

5. Data Retention

  1. Data is retained according to customer configuration:

  2. Pause sessions: configurable (default 90 days)

  3. Aggregated reports: up to 12 months

  4. Real-time status: ephemeral

6. Data Security

  1. TLS encryption in transit

  2. Encrypted storage at rest

  3. Role-based access control

  4. Tenant data isolation

7. Data Sharing

Secure Pause does not sell, rent, or share customer data with third parties except infrastructure providers required to operate the service.

8. Customer Rights

Customers may request data access or deletion by contacting Secure Pause support.

9. Changes

This policy may be updated periodically. Material changes will be communicated.

📋 2️⃣ SIG Lite – Sample Answers (High-Confidence)
Data Handling

  • Q: Do you collect customer PII?

  • A: No. Secure Pause collects operational metadata only and does not collect customer personal data.

  • Encryption

  • Q: Is data encrypted in transit and at rest?

  • A: Yes. TLS is used for data in transit. Data is encrypted at rest via cloud provider mechanisms.

  • Authentication

  • Q: How are users authenticated?

  • A: Username/password authentication with scrypt-hashed passwords and role-based access control.

  • Access Control

  • Q: Can customers access other customers’ data?

  • A: No. Tenant isolation is enforced at the application and database layers.

  • Logging & Monitoring

  • Q: Are security events logged?

  • A: Yes. Authentication and operational events are logged server-side.

  • Incident Response

  • Q: Do you have an incident response process?

  • A: Yes. Incidents are logged, investigated, and customers are notified per contractual requirements.

  • Extension Security

  • Q: Does the browser extension collect keystrokes or page content?

  • A: No. The extension monitors only active URL metadata.

🧱 3️⃣ Security Architecture (High Level)
Secure Pause – Security Architecture Overview
Base Components - Browser Extension

Secure Pause Web Service

PostgreSQL Database

Genesys Cloud (OAuth & APIs)

Architecture Flow
Agent Browser (Extension)
        |
        v
Secure Pause Web Service
        |
        v
Tenant-Isolated PostgreSQL

Security Controls

OAuth handled directly by Genesys Cloud

No call content flows through Secure Pause

Tenant isolation enforced at DB layer

Rate-limited reporting endpoints

🧾 4️⃣ Procurement FAQ (Customer-Friendly)

  • Q: Does Secure Pause record calls?

  • A: No. Secure Pause does not record audio or transcripts.

  • Q: What employee activity is monitored?

  • A: Only pause/resume metadata related to recording compliance.

  • Q: Where is data stored?

  • A: Data is stored in a secure PostgreSQL database hosted on cloud infrastructure.

  • Q: Can we control data retention?

  • A: Yes. Retention windows are configurable per tenant.

  • Q: Is Secure Pause multi-tenant?

  • A: Yes. Each customer’s data is logically isolated.

  • Q: Is Secure Pause SOC 2 certified?

  • A: Secure Pause follows SOC 2–aligned security practices and is preparing for formal certification.

✅ 5️⃣ SOC 2 Readiness Checklist (For Internal Use Only)

bottom of page