Data protection and information security
Protecting your data is our highest priority. We apply state-of-the-art standards in information security and data protection to ensure that your sensitive information has the best possible protection.
Our ISO 27001, ISO 27701 and ISO 27018 certifications confirm that we have established a comprehensive security and data protection management system. These globally recognized standards help us to identify risks at an early stage and to systematically minimize them.
What do the ISO certifications mean?
ISO 27001 is the world’s leading standard for an information security management system (ISMS) – we use it to systematically protect data, systems and processes.
ISO 27701 extends ISO 27001 with a privacy information management system (PIMS) and ensures that personal data is processed responsibly.
ISO 27018 supplements these standards specifically for cloud environments and strengthens the protection of personal data in the Voicepoint Cloud through additional transparency and security requirements.
Our measures to ensure data protection and information security
In order to guarantee the highest level of protection for your data, we rely on:
Internal and external expertise
A specialized team and external consultants ensure continuous optimization.Structured risk analysis
We assess potential hazards and implement targeted measures to minimize risks.Clear responsibilities
Data protection responsibilities are precisely defined to avoid security gaps.Comprehensive catalog of protective measures
IT security measures and physical safeguards are planned and implemented precisely.Transparent processes
We ensure clarity and avoid misunderstandings when working with external partners.Security awareness throughout the organization
Training, simulations, audits and further training courses raise awareness among all employees.Efficient incident handling
Security incidents are detected immediately and resolved quickly.
Our adherence to these high standards gives you an additional level of security and trust. In addition, our management system helps us to reliably implement the requirements of the new Swiss Data Protection Act.
With us, you are opting for a future-proof solution that guarantees data protection and information security at the highest level. Want to learn more? If so, please download our factsheet.
Download factsheet
Frequently asked questions about data protection and security
Storage and location
Where is my data stored?
Your data will be stored in a data protection-compliant Swiss cloud located in Zurich.
Is all data stored entirely in Switzerland?
Yes, your data never leaves Switzerland. It is stored in the secure Voicepoint Cloud at Microsoft Azure’s Swiss data center in Zurich.
Standards and certifications
What data protection and security standards does Voicepoint fulfill?
Voicepoint meets the most stringent data protection and information security requirements. The company is certified in accordance with ISO 27001, ISO 27701, and ISO 27018 and strictly complies with the requirements of the revised Data Protection Act (revFADP).
What are the benefits of ISO certifications for me?
The ISO certifications demonstrate our commitment to adhering to the highest standards in data protection and information security. You benefit from a proven security concept that protects your data reliably over the long term.
Access and authorizations
Who has access to my data – and how is this ensured?
Only persons authorized by you have access to your data.
How is access by employees controlled, logged and restricted?
Access is systematically logged and regularly checked. The principle of the minimum allocation of rights applies; only those who need access receive it.
Processing and purpose limitation
Will my speech or dictation data be used for training or other purposes?
No, your data will only be used for recognition and the improvement of the individual speech profile. It will not be used for any other purposes or passed on to third parties.
How does Voicepoint ensure that no personal data ends up in the speech profile?
The system only processes voice input – without reference to individual persons. Names and identities are not recorded or stored in the process unless this is entered by the user themselves.
For how long is data stored – and when is it deleted?
Speech data is automatically deleted as soon as the storage limit of 50 hours per user is reached. Dictations/recordings are deleted after an individually defined period of time.
What role does the US CLOUD Act play and how does Voicepoint deal with it?
The Voicepoint Cloud is protected with a specially designed encryption concept. The encryption concept is based on the “bring your own encryption” principle, which prevents US companies such as Microsoft from accessing your data stored in the cloud.
Incident management and transparency
What happens in the event of a data protection incident?
We have a clearly defined process in place. We identify, document, analyze and resolve security incidents as quickly as possible. We actively inform our customers of any relevant cases.
How does Voicepoint assist with data protection audits and inquiries?
We offer active support with data protection audits and official inquiries. Our Information Security & Compliance team is at your disposal as a direct point of contact.
Do you have questions about data protection and information security? We are happy to answer them.
Benjamin Rüegg
Head of Business Management & Compliance
