— Compliance
Voice changes the compliance surface. Rexa.ai ships the enforcement, the audit trail, and the consent flows so your integration starts above the regulatory line — not racing to it.
Outbound calls honour federal and state quiet-hour rules by default — the dispatcher refuses jobs outside the callee’s local 8am–9pm window. Consent records are stamped on every call so audit trails are one query away.
Learn more →Numbers are scrubbed against the federal DNC list plus every state list we have a data licence for. Tenants can add their own internal suppression lists via the API or dashboard — suppression is enforced at dispatch-time, not post-hoc.
Learn more →Two-party consent states get a pre-greeting legal prompt before any audio is captured. One-party states still record the consent event in the call log so downstream disputes have evidence.
Learn more →Every voice clone requires a signed consent statement from the speaker at enrolment — stored immutably and linked to every call the clone participates in. Revocation takes the voice out of rotation within one dispatch cycle.
Learn more →EU-origin traffic routes to EU-region infrastructure; subject-access + erasure APIs ship with the platform. A DPA + SCC package is available on request from the legal section of the dashboard.
Learn more →External penetration testing runs annually against every public surface; findings and remediations are summarised on /security. Disclosures land within the same window we’d want as a customer.
Learn more →We cannot audit your source lists, your purpose of contact, or the accuracy of the consent you collected upstream. The platform enforces what it can see — you remain the controller of record for the consent provenance, the call purpose, and any regulated content the agent discusses. The AUP spells out what you commit to when you send traffic through Rexa.ai.
We reply within one business day — often faster when it’s time-sensitive for a procurement review.