Security at Poocho AI
Last updated: April 26, 2026
Poocho AI is built for organizations that can't afford downtime or data leaks — government helplines, banks, telecoms, and healthcare providers. Security isn't a feature; it's the foundation.
Deployment model
Customers deploy Poocho AI in the environment they control:
- On-premise: Inside your data center, air-gapped if required.
- Private cloud: Your AWS, Azure, or GCP tenant in the region of your choice.
- Sovereign cloud: Regional clouds compliant with local data localization (Pakistan, UAE, KSA).
We do not operate a shared multi-tenant SaaS for the core platform. Your customer data, voice recordings, and transcripts never leave your infrastructure.
Data protection
- Encryption in transit (TLS 1.3) and at rest (AES-256).
- Per-tenant key management with support for customer-managed keys (HSM / KMS).
- Automatic PII detection and redaction in transcripts.
- Role-based access controls with SSO (SAML 2.0, OIDC).
Compliance
The platform is designed to support:
- GDPR and the UK Data Protection Act for European customers.
- Pakistan's Personal Data Protection Bill (draft requirements).
- UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection.
- Saudi Arabia's Personal Data Protection Law (PDPL).
- HIPAA-aligned controls for healthcare deployments.
- PCI-DSS SAQ D requirements for financial customers.
Auditing and monitoring
- Full audit trails for every agent action and data access.
- Tamper-evident logging with WORM storage support.
- Integration with your SIEM (Splunk, Elastic, Sentinel).
Vulnerability disclosure
We welcome responsible disclosure of security issues. If you believe you have found a vulnerability, email hello@poochoai.com. Please do not publicly disclose until we've had reasonable time to respond (30 days).
Incident response
Enterprise customers receive a documented incident response SLA as part of their MSA. In the event of a security incident affecting customer data, we notify affected customers within 24 hours.
Questions
For enterprise security reviews, due diligence packets, or a walk-through of our architecture, contact hello@poochoai.com.