Skip to content
feelingstream
//Article

22 May 2023/Lauri Ilison

Data security in conversation analysis

Data Security in Customer Conversations

When we discuss priorities at Feelingstream, one thing is always clear. Of course we want to win new customers and build the next feature — but the item at the top of the list never changes: data security. Security for our customers, for the customers of our customers, and for our services.

Customer conversations contain some of the most sensitive data an organisation holds. For regulated industries — insurance, banking, telecom, utilities, logistics — analysing that data safely is a precondition, not a nice-to-have. This guide explains how we approach it.

Deployment options that fit your risk profile

Different organisations have different security requirements, so we offer three deployment models. The choice is yours.

On-premises

The full service — with all its microservices — is deployed inside your own data centre. It requires no internet connection to operate, keeping everything within your infrastructure and control. This suits the strictest environments.

Closed cloud

A balance between on-premises security and cloud scalability. You (or Feelingstream) provision resources with a major cloud provider such as Microsoft Azure, AWS or Google Cloud. You can audit and verify the deployment, gaining scalable resources at a verified security level.

Feelingstream cloud

Our managed cloud environment, hosted with a third-party provider within the European Union. No data leaves the EU, and each customer's environment is completely separated from every other.

Anonymisation and data masking

Conversations from calls, email, chat and feedback are full of personally identifiable information (PII). We can anonymise (sanitise) conversations across every channel:

  • Text — names, numbers and other identifiers are masked to protect confidentiality while keeping the conversation analysable.
  • Audio — the speaker's voice is altered so the person is unrecognisable.

Masking follows defined media-sanitisation guidelines, and it is what allows the whole company to work with conversational data without exposing individual customers. Analysts can study patterns and trends without ever seeing raw PII.

Access control for model building

Feelingstream builds its own ASR and classification models. Training or tuning those models for a specific customer requires that customer's data — so access is tightly controlled: only the specific people who need it during model work can access it, and only for as long as necessary.

ISO 27001 and GDPR

Our processes are built around recognised standards:

  • ISO 27001 — certified information-security management covering how we handle, store and protect data.
  • GDPR — EU data residency, masking of personal data, and clear data-handling practices support compliance for organisations operating in Europe.

For regulated buyers, this combination — certification, EU residency, masking and deployment choice — is what makes analysing 100% of conversations feasible without increasing risk.

Security as an enabler, not a blocker

It is tempting to treat security and analytics as a trade-off: the more you lock data down, the less value you can extract. Done properly, the opposite is true. Because masking removes PII while preserving meaning, more people across the business can safely use conversational data — which is exactly how you turn conversation analytics into efficiency, quality and sales gains.

Frequently asked questions

Is Feelingstream GDPR compliant?

Yes. We keep EU data in the EU, mask personal data, and follow ISO 27001-certified processes that support GDPR compliance.

Can Feelingstream run fully on-premises?

Yes. The complete service can be deployed inside your own data centre with no internet connection required for operation.

Does data ever leave the EU?

In the Feelingstream cloud model, no — data is hosted with an EU-based provider and does not leave the EU. On-premises and closed-cloud options keep data within your chosen environment.

How does data masking work?

PII such as names and numbers is masked in text, and the speaker's voice is altered in audio, so conversations can be analysed without exposing individuals.

Who can access our data?

Access is restricted to the specific people who need it — for example, data scientists during model building — and only for as long as necessary.

Where to go next


Have questions about deploying conversation analytics on regulated data? Book a demo and we will walk through the security model with you.