CXEX Global Data Handling Policy Statement

At CXEX, we are committed to upholding the highest standards of data security, privacy, and regulatory compliance across all regions where we operate our SaaS Speech Analytics Platform, AutoInsights. This policy outlines how we handle, protect, and process data to ensure transparency, trust, and adherence to local and international standards.

ISO 27001 Certified

SOC 2 Compliance (2026)

AWS FTR Passed

Our Data Handling Principles

1. Regional Data Residency and Processing

AutoInsights is hosted in regional AWS data centers in the USA, UK, Australia, and South Africa
All data is processed and stored within the client’s geographic region
Pre-processing redaction to remove Personally Identifiable Information (PII)

2. Certifications and Compliance

ISO 27001 Certification: Commitment to international standards
SOC 2 Compliance: Finalizing certification in 2026
AWS Foundational Technical Review: Passed AWS’s stringent benchmarks

3. Automated Compliance Monitoring

Utilize Vanta software to manage compliance
Automated security monitoring for ISO 27001 and SOC 2
Continuous adherence to compliance benchmark

Human Oversight in AI

We employ a Human-in-the-Loop (HITL) process to ensure the accuracy, fairness, and reliability of AI outputs. This involves rigorous testing and validation of AI models (“Listeners”) before deployment and during ongoing operations. Quarterly statistical reviews of client AI models ensure ongoing performance accuracy.

4. Incident Management and Risk Mitigation

Incident response protocols aligned with ISO 27001
Rapid detection, containment, and resolution of security incidents
Regular risk assessments and audits

5. Transparency and Client Control

Clients retain full ownership of their data
Data use limited to agreed-upon purposes
Transparent reporting on AI solution effectiveness

6. Continuous Improvement

Regular reviews of data handling practices
Alignment with evolving regulations and standards
Quarterly statistical reviews of AI models