01 · Security
Layered controls across the platform
Rumbe applies layered controls across the customer portal, agent workspace, administration console, APIs, knowledge system, and embedded widget.
Trust Center / Rumbe AI
Built for support that must be protected, traceable, and tenant-separated
Security, privacy, AI governance, compliance-readiness, and legal information for an enterprise-grade AI customer support platform.
Rumbe AI is built for support environments where customer data, operational workflows, organization knowledge, and AI activity must be protected, traceable, and separated by tenant.
A product of Vovance Inc.
Trust at a glance
Application controls, tenant-aware boundaries, and human escalation.
Designed for teams operating authenticated portals, sensitive support workflows, multi-brand environments, or regulated customer journeys.
01PII-aware data handling and neural redaction before selected AI processing
02AES-256 encryption for stored sensitive values and AES-256-GCM for integration secrets
03Organization-level separation across users, agents, conversations, tickets, settings, and knowledge
04Tenant-isolated vector retrieval for retrieval-augmented generation
05Role-based access controls and security-relevant activity logging
06Hashed AI transaction records for request traceability without duplicating complete payloads
07Secure JWT authentication and enterprise SSO options
08Domain-restricted, tenant-specific embeddable widgets
09Source citations, AI confidence checks, and human handoff for uncertain cases
10Soft-delete and structured data patterns that can support erasure workflows
02 · Privacy
Privacy and sensitive data
Support conversations can contain names, emails, account details, screenshots, payment references, health information, and other personal data. Rumbe treats sensitive fields with elevated controls — encryption, access logging, redaction, and tenant-aware processing — and is designed to support data minimization and GDPR-aligned data-rights workflows.
03 · AI Governance
AI integrity and auditability
Rumbe does not position AI as an untraceable black box. Documented transaction logging can create SHA-256 hashes of AI request payloads, helping teams verify AI activity while avoiding unnecessary duplication of sensitive content. Source-grounded answers, citation links, confidence-based escalation, and human handoff make AI behavior reviewable.
Hashed transaction logs preserve traceability without storing a second copy of every prompt.
04 · Isolation
Tenant and knowledge isolation
Each organization’s operational records and knowledge sources are separated by organization-level boundaries. Tenant-specific vector collections help prevent retrieval from another customer’s knowledge base.
Your Rumbe AI assistant is designed to retrieve from your organization’s approved knowledge sources — not another tenant’s content.
05 · Embedding
Secure embedding
Rumbe’s embeddable widget uses tenant-specific configuration, a client-side identifier, server-side validation, and domain whitelisting. This helps prevent unauthorized third-party embedding and protects a customer’s AI usage from being consumed on unapproved domains.
06 · Compliance
Compliance readiness
Rumbe is designed with controls relevant to enterprise privacy and regulated support evaluations — PII/PHI-aware handling, sensitive access logging, encrypted secrets, tenant isolation, data-rights support, and AI transaction traceability. These controls can support compliance programs, but they do not automatically make every deployment compliant.
07 · Legal
Legal and contractual resources
The Legal Center centralizes applicable product terms, privacy information, subprocessors, data processing terms, responsible AI guidance, and healthcare contracting information.
Report a security concern
Responsible disclosure
Security researchers, customers, and partners should report suspected vulnerabilities or security incidents through an approved Vovance Inc. security contact channel. Include the affected URL or component, reproduction steps, potential impact, and safe supporting evidence. Do not include unnecessary personal data, credentials, or production secrets.
Contact security →FAQ
Frequently asked questions
Is Rumbe AI certified for SOC 2, healthcare data protection, or ISO 27001?+
No certification should be inferred from this Trust Center. Rumbe documents controls that may support enterprise and regulated evaluations. Current certifications, attestations, and contractual coverage must be confirmed directly with Vovance Inc.
Does Rumbe isolate one customer’s data from another customer?+
Rumbe’s documented architecture uses organization-level boundaries for operational records and tenant-specific vector collections for knowledge retrieval.
Can Rumbe support sensitive support workflows?+
Rumbe is designed with PII/PHI-aware safeguards, access logging, encryption, redaction, and human oversight. Suitability depends on the approved use case, deployment, contracts, and customer procedures.
Who owns and operates Rumbe AI?+
Rumbe AI is a product of Vovance Inc. and is owned, provided, operated, and commercially administered by Vovance Inc.
Evaluate Rumbe AI for your environment.
Security review requirements differ by industry, deployment model, data type, and risk profile. Vovance Inc. can discuss Rumbe AI’s architecture, available controls, deployment assumptions, and contractual options for your use case.