Security & Data Protection
Last Updated: June 23, 2026
At FieldCue, we recognize that your client conversations, call recordings, and CRM data are highly sensitive. This Security Policy details the technical safeguards, encryption standards, and data handling procedures we employ to protect your information.
1. Platform Data Flow & Architecture
FieldCue operates as a post-call processing system for GoHighLevel. Here is how your data travels through our platform:
- Ingestion: When a call completes, a HighLevel workflow triggers a webhook containing the recording URL, contact ID, and opportunity ID.
- Transcription: FieldCue downloads the audio file temporarily over HTTPS to generate a speaker-separated text transcript (using OpenAI Whisper).
- Analysis: The text transcript is analyzed using language models (Claude) to extract custom fields, check compliance script adherence, and identify objections.
- CRM Synchronization: Extracted custom fields are synchronized back to the GHL contact or opportunity, a task is scheduled (if objections are detected), and the transcript is posted to the contact record notes.
2. Call Recording & Audio Handling
We enforce strict processing isolation for call recordings:
- Ephemeral Processing: Audio recordings are downloaded solely to perform transcription.
- Immediate Deletion: Once transcription is complete, the temporary audio files are immediately deleted from our server cache. FieldCue does not store copies of your audio files.
- Secure Downloads: All recording files are retrieved exclusively over HTTPS-encrypted connections.
3. Encryption Standards
FieldCue applies cryptographic security at rest and in transit:
- In Transit: All internet communications, API requests, dashboard access, and webhook transmissions use TLS 1.3 (HTTPS) encryption.
- BYOK & Credential Encryption: Custom API keys (OpenAI, Anthropic) and GoHighLevel location OAuth tokens are encrypted at rest in our database using AES-256-GCM with unique initialization vectors (IVs) and authentication tags.
- Password Security: User passwords are hashed at rest using salted scrypt to protect against database leaks.
4. Integration & OAuth Access Scopes
FieldCue connects to GoHighLevel through official OAuth 2.0 authorization. We request only the scopes required to automate post-call admin workflows:
- Contacts (Read/Write): To locate contacts, read custom field values (for overwrite protection checks), and update extracted fields.
- Opportunities (Read/Write): To transition opportunity stages in your sales pipelines and sync custom deal fields.
- Tasks (Write): To assign post-call tasks and deadlines to contact owners when objections or cues require follow-up.
- Conversations (Read/Write): To read message details, download call attachments, and append text transcripts as contact notes.
5. User Controls & Data Deletion
You retain control over your GHL integrations and stored history:
- Connection Revocation: You can revoke FieldCue's OAuth access at any time by disconnecting the location in your Settings dashboard.
- Data Purging: Accounts can request complete deletion of their logs, transcripts, and account configurations by contacting support.
6. Contact & Responsible Disclosure
We welcome feedback and vulnerability disclosures. Please contact us using the dedicated channels below:
- Security Disclosures: security@fieldcue.app
- Privacy & GDPR Removal: privacy@fieldcue.app
- General Technical Support: support@fieldcue.app