Data Privacy and Security

FrontlineHQ encrypts sensitive data at multiple levels:

• In transit — All connections use TLS 1.2+ encryption
• At rest — Database encrypted with AES-256
• PII fields — Lead names, emails, and phone numbers are individually encrypted with business-specific keys

FrontlineHQ is built with compliance in mind:

• GDPR — Data export and deletion on request, DPA available
• CCPA — California privacy rights honored
• SOC 2 practices — Audit logging, access controls, data retention policies
• Voice compliance — Call recording disclosures and consent handling

See our Security page and Compliance page for full details.

You can export all your data anytime from Settings → Data Export. The export includes conversations, leads, contacts, knowledge base, and account settings in JSON format.

To delete your account and all associated data, go to Settings → Danger Zone → Delete Account. This action is irreversible and triggers a complete data deletion across all systems within 30 days.

Every significant action in your account is logged:

• Who performed the action
• What was changed
• When it happened
• IP address and device info

Audit logs are available to Owners and Admins and are retained for 90 days.