Trust & Safety
Compliance Policy
How Grezorea Agents aligns with global regulatory and industry standards.
GDPR & UK GDPR
Grezorea Agents is designed to support GDPR and UK GDPR compliance. We process personal data only for the purposes described in our Privacy Policy, maintain records of processing activities, support data subject rights requests, and enter into Data Processing Agreements with customers who require them. Customers in the EEA and UK can request a DPA from our compliance team.
CCPA & US State Privacy Laws
We honour the rights of California residents and residents of other US states with enacted privacy legislation, including the rights to know, delete, opt-out, and non-discrimination. We do not sell personal data. Requests may be submitted via support@agents.grezorea.com.
TCPA & Outbound Call Compliance
Customers are responsible for complying with the Telephone Consumer Protection Act, state call recording laws, and equivalent regulations in their jurisdictions. Grezorea provides tools including do-not-call list integration, consent tracking, call disclosure scripts, and configurable recording settings to support compliance. These tools assist but do not guarantee regulatory compliance on your behalf.
HIPAA-Aligned Workflows
For healthcare customers, Grezorea offers HIPAA-aligned configurations including encrypted data handling, access controls, and audit trails consistent with HIPAA Security Rule requirements. Customers who require a Business Associate Agreement should contact support@agents.grezorea.com. Note: Grezorea does not certify as a HIPAA-covered entity, and customers remain responsible for their own HIPAA compliance posture.
FDCPA & Debt Collection
For debt collection use cases, Grezorea provides script templates and configuration options designed to assist FDCPA compliance, including required disclosures, call time restrictions, and opt-out handling. Customers are solely responsible for ensuring their agent configurations meet FDCPA and state-level debt collection requirements.
SOC 2 Alignment
Our security and operational practices are aligned with SOC 2 Type II control objectives covering security, availability, and confidentiality. We conduct periodic third-party assessments to validate our controls. Enterprise customers may request access to assessment summaries under NDA.
Data Residency
Enterprise customers can configure region-locked data storage to meet data residency requirements in the EU, UK, Australia, and other jurisdictions. Contact our team to discuss your residency requirements.
Continuous Monitoring
Our compliance posture is reviewed on an ongoing basis. We track changes in applicable law across our key markets and update our policies, controls, and tooling accordingly. Material policy changes are communicated to customers in advance.
For compliance documentation or due-diligence questionnaires, contact support@agents.grezorea.com
Related Pages