UnlimCall
Trust & compliance

Engineered for compliance.

STIR/SHAKEN attestation A on US/CA outbound, TLS+SRTP encryption, EU-resident storage, human KYC. The compliance posture your security team can sign off on without a six-week back-and-forth.

STIR/SHAKEN A · TLS+SRTP · GDPR · DPA · SOC 2 Type II in progress

Status

What's live. What's on the roadmap.

We don't put SOC 2 logos on the homepage if the audit isn't signed. Same standard applies here.

  • STIR/SHAKEN (US/CA)attestation A · signed end-to-end · RMD listedlive
  • GDPREU-resident storage · DPA standardlive
  • TLS / SRTPTLS 1.2+ for SIP · SRTP for media · default-onlive
  • PCI scopeout-of-scope by design — no DTMF capturelive
  • SOC 2 Type IIaudit in progress · attestation letter on requestroadmap
  • ISO 27001controls aligned · certification scoped for 2027roadmap
The pillars

Four things, done right.

Carrier signing

STIR/SHAKEN attestation A

Authorized SHAKEN provider for US/CA outbound. We sign every call with full A-Level attestation — proves to downstream carriers that you are the authorized user of the displayed Caller ID.

  • Bypasses "Spam Likely" carrier flags
  • RMD listed at the FCC
  • Fully compliant with FCC and CRTC mandates
Transport

TLS + SRTP encryption

Generic SIP transmits in plain text. UnlimCall supports TLS 1.2+ for signaling on port 5061 and SRTP for media — at no additional cost. Default-on for new tenants.

  • Protection against packet sniffing
  • Secure SIP signaling handshakes
  • Works with ViciDial, FreePBX, Asterisk, FreeSWITCH
Data

GDPR · data residency

EU customer data processed and stored in our Frankfurt and London regions exclusively. CDR retention contractually defined per account, defaults to 90 days. Right-to-be-forgotten requests honored.

  • EU-resident storage option per market
  • DPA template signed pre-onboarding
  • 90-day default CDR retention · longer on request
KYC

Human KYC

We verify business legitimacy manually rather than relying on automated black-box ban systems. Protects the network reputation, protects your CLI pools from getting flagged for someone else's outbound.

  • Legal business entity verification
  • High-risk vertical audits (Forex, MCA, debt)
  • Signed Acceptable Use Policy
Sector-specific

Custom posture for regulated industries.

Finance, healthcare, government. Our enterprise team configures custom routing, private interconnects, and BAA agreements where the standard posture is not enough.

See enterprise procurement detail Talk to compliance
Ready when you are

Pick a country.Pay in two minutes.

Pick a countrySee pricing calculator
  • Magic-link signup
  • Cancel before commit ends
  • Lines live in ~2 min