Security & compliance

Your calls are the most sensitive data you hold. We treat them that way.

Roark is built for the teams who answer to compliance, legal, and their customers — not just to a dashboard. Here is exactly where our programme stands.

SOC 2 Type II

Complete

Independently audited controls over security, availability and confidentiality.

HIPAA

Complete

BAA available — PHI handling, configurable retention and zero-data-retention options.

Penetration testing

Completed

Annual third-party pen tests against the platform and APIs. Report available on request.

ISO 27001

In progress

Certification underway — controls already operating under the SOC 2 programme.

Operating controls

SSO / SAML

Okta, Google Workspace, and custom identity providers.

Role-based access

Granular RBAC with per-project scoping and audit logs.

Data residency & retention

Configurable retention, deletion, and zero-data-retention.

Audit reports, security questionnaires and continuous-monitoring evidence live in our trust center — updated automatically as our controls run.

Visit the trust center

Bring a recording.
We’ll score it live.

See your own agent measured on the audio it actually produced — in the demo, in real time. Stop guessing whether your voice AI works.

founders@roark.ai · we reply fast