Compliance

Our commitment to regulatory compliance and data protection

Compliance Overview

Voice.Tax is committed to maintaining the highest standards of compliance with applicable laws and regulations. We understand the sensitive nature of tax and financial data and have implemented comprehensive compliance measures to protect your firm and your clients.

Data Protection Regulations

GDPR (General Data Protection Regulation)

For firms serving EU clients, we comply with GDPR requirements:

  • Lawful basis for data processing
  • Data subject rights (access, rectification, erasure, portability)
  • Privacy by design and by default
  • Data breach notification within 72 hours
  • Data Processing Agreements (DPAs) available
  • EU-based data storage options

CCPA (California Consumer Privacy Act)

We comply with CCPA requirements for California residents:

  • Transparent data collection disclosures
  • Right to know what data is collected
  • Right to delete personal information
  • Right to opt-out of data sale (we do not sell data)
  • Non-discrimination for exercising privacy rights

Other State Privacy Laws

We monitor and comply with emerging state privacy laws including Virginia CDPA, Colorado CPA, and other applicable regulations.

Industry-Specific Compliance

IRS Regulations

While Voice.Tax does not provide tax advice or preparation services, we support tax professionals who must comply with:

  • IRS Circular 230 requirements
  • E-filing security standards
  • Taxpayer data protection guidelines
  • Record retention requirements

Gramm-Leach-Bliley Act (GLBA)

For accounting firms that handle financial information:

  • Safeguarding of customer information
  • Privacy notices and policies
  • Information security program
  • Vendor management and oversight

Professional Standards

We support compliance with professional standards from:

  • AICPA (American Institute of CPAs) confidentiality rules
  • State Board of Accountancy regulations
  • IRS Enrolled Agent requirements
  • State-specific professional conduct rules

Telecommunications Compliance

Call Recording Laws

Voice.Tax complies with federal and state call recording laws:

  • Configurable recording consent notifications
  • Support for one-party and two-party consent states
  • Clear disclosure of recording practices
  • Secure storage of recorded calls

Telephone Consumer Protection Act (TCPA)

  • Do Not Call (DNC) compliance features
  • Opt-out mechanisms for automated calls
  • Proper consent documentation
  • Call time restrictions

VoIP and Carrier Regulations

We work with compliant voice carriers that maintain FCC registration, E911 capabilities, and STIR/SHAKEN call authentication to prevent spoofing.

Accessibility Compliance

ADA and WCAG Standards

Our platform strives to meet WCAG 2.1 Level AA standards:

  • Keyboard navigation support
  • Screen reader compatibility
  • Sufficient color contrast
  • Alternative text for images
  • Clear and consistent navigation

Data Sovereignty and Localization

We understand that some firms require data to remain in specific geographic locations:

  • US-based data centers by default
  • Geographic data residency options available
  • Transparent disclosure of data transfer practices
  • Standard Contractual Clauses (SCCs) for international transfers

Audit and Certification

We maintain rigorous audit standards:

  • SOC 2 Type II (In Progress):

    We are pursuing SOC 2 Type II certification to demonstrate our commitment to security, availability, and confidentiality controls.

  • Annual Security Audits:

    Third-party security assessments and penetration testing conducted annually.

  • Compliance Documentation:

    Detailed documentation available for your firm's compliance audits.

Vendor Management

All third-party vendors are carefully vetted for compliance:

  • Annual vendor risk assessments
  • Verification of security certifications
  • Data Processing Agreements (DPAs) with all vendors
  • Regular vendor security reviews
  • Documented vendor management policies

Your Compliance Responsibilities

While we provide compliant infrastructure, you remain responsible for:

  • Obtaining proper consent for call recording in your jurisdiction
  • Complying with your professional licensing requirements
  • Maintaining client confidentiality per your profession's ethics rules
  • Configuring appropriate data retention periods
  • Training your staff on privacy and security practices
  • Notifying clients of your use of AI voice services

Business Associate Agreements

For firms subject to HIPAA or similar regulations (e.g., handling healthcare-related tax matters), we can provide Business Associate Agreements (BAAs) upon request. Contact compliance@voice.tax for details.

Staying Current

Regulations evolve constantly. We monitor regulatory changes and update our practices accordingly. We will notify you of any changes that affect your use of our service.

Questions and Support

For compliance questions, documentation requests, or to report compliance concerns, contact our compliance team at compliance@voice.tax