Skip to content

Company reference

Security and AI boundaries.

How GhostRep handles customer data, where AI is used in the product, and the lines the system will not cross on its own. A working description, not a marketing badge.

TLS encrypted

Data in transit

Encrypted

Data at rest

Role-based

Access model

Drafts only

AI outputs

Security foundations

How data is handled.

Standard infrastructure practice, applied to a workspace where role-based access and customer control are the rule, not the exception.

01

Data in transit and at rest.

All traffic between users, the GhostRep app, and underlying services runs over TLS. Customer data is stored in managed cloud infrastructure with encryption at rest. Access is restricted to the systems that need it to run the product.

02

Access controls inside your workspace.

Roles and permissions are scoped to your organization. Reps, managers, and admins see what their role allows. Authentication uses session tokens scoped to the customer.

03

Internal access at GhostRep.

Limited to support and reliability work and bounded by least-privilege principles. We do not browse customer content casually and we do not use raw transcripts to train shared models across customers.

04

Sub-processors.

GhostRep uses trusted infrastructure and AI providers to deliver the product. These vendors operate under their own security commitments and are bound by the agreements we hold with them.

AI in GhostRep

Where AI runs and where it stops.

AI is used where it earns its keep. It does not replace the manager and it does not push anything to the team without a human reviewing first.

  • Where AI runs

    Transcription, role play, summaries of Echo sessions and Job Intel, coaching recommendations, training drafts in Training Studio, and candidate scoring inside AI Recruiter. The point of contact is always clear in the product.

  • Where AI does not run

    GhostRep does not silently change company-wide settings, override manager decisions, or push training out to reps on its own. Anything that ends up in front of the team passes through a human first.

  • Drafts, not decisions

    Coaching outputs, training material, recap notes, and Training Studio modules are drafts and recommendations. A manager or admin approves before anything becomes the standard for the team.

  • Transcripts and content

    Raw transcripts are not broadly exposed by default. Visibility follows your organization's permission structure, and managers control what is reviewed, shared, exported, or used to build training.

  • Honest about limits

    AI outputs can be wrong, incomplete, or off-tone. GhostRep is built on the assumption that humans review and edit. We do not claim perfect accuracy.

Customer responsibility

What customers are responsible for.

The platform is a tool. Compliance with recording, monitoring, consent, privacy, employment, and communications laws is the customer's responsibility. The binding language lives in the Terms of Service.

  • Determining when notice, disclosure, or consent is required before recording, captioning, monitoring, or using live coaching during a conversation.

  • Providing required disclosures and obtaining required consent under all applicable recording, monitoring, consent, privacy, employment, and communications laws.

  • Configuring user roles, permissions, and access in a way that fits your company's policies.

  • Reviewing AI-generated outputs before treating them as truth or standard practice.

  • Consulting your own legal counsel for questions specific to your jurisdiction and use case.

Read full Terms of Service

Keep reading

Related references.