AI Responsibility Statement
RevRag AI Technology Private Limited builds AI voice and chat agents for enterprises in regulated sectors. We are committed to developing and operating our AI/ML products responsibly, safely, and in line with India's Responsible AI principles. This statement explains how we do that.
Human oversight and accountability
Our AI agents assist and execute defined workflows; they do not make autonomous high-impact decisions. We do not use AI to make credit, lending, or other adverse decisions about individuals. Sensitive or out-of-scope situations are escalated to a human representative. A designated Data Protection Officer and grievance officer are accountable for our AI and data-protection practices.
Transparency
Our agents identify the organisation on whose behalf they are calling and state the purpose of the interaction at the outset, and do not impersonate a specific named individual.
Fairness and non-discrimination
We test and evaluate our agents to operate consistently and avoid unfair or discriminatory outcomes, and we apply anti-hallucination ("grounding") controls so responses stay accurate and within scope. We design for inclusivity, including multilingual support.
Privacy and data protection
We act as a Data Processor on behalf of our enterprise clients and process personal data only on their documented instructions. All data is stored and processed in India (AWS Mumbai); we do not transfer it outside India. Personal identifiers such as phone numbers are masked and are never sent to third-party language, speech-to-text, or text-to-speech models; spoken audio is processed by the speech-to-text provider under zero/low-retention configuration. We operate under the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000.
Data minimisation and retention
We collect and process only the data needed for the contracted purpose, configure zero or minimal data-retention with our AI sub-processors wherever supported, and delete data per client-defined retention and on request.
Security and independent assurance
We encrypt data in transit (TLS 1.2+) and at rest (AES-256), enforce role-based access with multi-factor authentication, and maintain ISO/IEC 27001:2022 certification and SOC 2 Type II reporting, with semi-annual penetration testing and an independent data-localization audit.
Continuous monitoring
We review model performance, safety, and our vendors' practices on an ongoing basis, and we update our controls as AI standards and Indian regulatory guidance evolve.
Last updated: 18 June 2026