Talk to our security team
Evaluating TrueTone for a brokerage-wide rollout? We will walk through our current controls, our data handling, and whatever your risk team needs answered.
Security
We are building toward an enterprise-grade security posture in lockstep with our customers. This page is the honest version: what is in place today, what is on the roadmap, and the claims we will not make until they are earned and audited.
What's in place
Every connection to TrueTone runs over TLS. Data moving between you and the system is encrypted end to end.
Your profile, your drafts, and your account data are encrypted where they are stored.
Your data belongs to your account. One customer's content is never visible to another.
Team accounts run on role-based permissions. People see what their role allows, and nothing past it.
The providers that power generation and voice operate under data-processing agreements. They do not own your data.
TrueTone handles marketing content. It does not touch loan files, borrower records, or anything in your LOS.
We are not SOC 2, ISO, or PCI certified today. Certification is on the roadmap, and it will appear here when it is earned, not before.
An external security audit is planned. Until it is complete, this page describes only what we actually do today.
Customer-managed encryption keys are a roadmap item for brokerage-wide enterprise rollouts.
The honest part
SOC 2, ISO, or PCI certified.
We are not certified. We will not put a badge on this page that an auditor has not earned us. When a certification is real, it appears here with its date.
Automated compliance review.
TrueTone does not decide what is compliant for your loans. You review and approve every piece and route it through your own compliance process.
Access to your loan data.
The system handles marketing content. It does not connect to your LOS, read borrower files, or process loan data of any kind.
Zero-knowledge architecture.
Generating content in your voice means the system reads the content it generates. We will not claim an architecture the product's own function rules out.
Talk to us
Evaluating TrueTone for a brokerage-wide rollout? We will walk through our current controls, our data handling, and whatever your risk team needs answered.
Or just try it. A short voice session with Tru, your first draft in your voice, and you decide for yourself.
Credit card required. Cancel from a settings page, not an email thread.