Skip to content
CALLAIR

Trust Center

Trust at CALLAIR

This Trust Center is maintained by CALLAIR to answer the questions enterprise buyers, security reviewers and procurement teams ask before engaging an AI partner. It documents the controls and practices in place today, and is updated as our posture evolves.

What you will find here

Phase 1 of the CALLAIR Trust Center documents how we approach privacy, security and AI ethics. Governance, compliance and vendor documentation are scheduled for the next phases.

Privacy

How we handle personal data under the GDPR — controllers, purposes, retention, sub-processors and data subject rights.

Security

Our security model: access controls, encryption posture, secure development practices and the channels to report a vulnerability.

AI Ethics

How we design, deploy and govern AI systems responsibly — human oversight, transparency, data minimization and accountable use.

How CALLAIR is organized to be accountable

  • Registered legal entity

    CALLAIR SASU, registered office 6 Rue d'Armaillé, 75017 Paris, France — SIREN 945406296, VAT FR10945406296.

  • Multi-region footprint

    Operating teams across Paris (HQ), London, Porto, Barcelona and Hong Kong — supporting clients across EMEA and APAC.

  • Named contacts

    General: **contact@callair.ai** — Privacy & data: **privacy@callair.ai**. Security disclosures: see the Security page below.

  • Shared-responsibility model

    CALLAIR is responsible for the systems we design, build and operate on your behalf. Clients remain responsible for the data, decisions and end-user controls within their own environments. Engagement contracts make these boundaries explicit.

Roadmap

We publish trust documentation as it becomes verifiable. The items below are on the public roadmap and will appear in this Trust Center once evidence is in place.

  • Phase 2 — Governance, compliance, sub-processors

    AI governance charter, delivery governance model, compliance mapping (GDPR, EU AI Act), full sub-processor list with change-notification policy.

  • Phase 3 — Procurement resources

    Security questionnaire (CAIQ / SIG lite), Data Processing Agreement template, insurance certificate (gated), incident-response runbook summary, vendor onboarding pack.

  • Independent attestations

    Independent attestations such as ISO 27001 or SOC 2 are not yet in place. When they are, they will be listed with issuing body, scope and dates — never before.

Contact

For trust, privacy or security questions, write to privacy@callair.ai or contact@callair.ai. We aim to acknowledge enterprise trust inquiries within one business day.

Notes on this page

This Trust Center is editable content maintained by CALLAIR. It describes the controls and commitments in force at the date above. It is not an independent audit report and does not constitute legal advice. For binding contractual terms, refer to the executed engagement contract and any Data Processing Agreement signed between the parties.

Last updated: 18 June 2026.

CALLAIR — Innovate · Engage · Convert

Book a ConsultationContact us