> ## Documentation Index
> Fetch the complete documentation index at: https://dialnexa.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Privacy Sensitive Data And Recordings In DialNexa

> Understand privacy, sensitive data, recordings, transcripts, webhook secrets, secure URLs, and safe data handling in DialNexa.

Privacy in DialNexa depends on how call recordings, transcripts, summaries, extracted fields, webhook deliveries, API keys, and sensitive call data are configured and reviewed. Users should know what is stored, who can access it, and which credentials protect access.

<Warning>
  Recordings and transcripts are powerful evidence. They are also sensitive. Treat them like production data, not like screenshots in a group chat.
</Warning>

## Sensitive Surfaces

These areas deserve access and retention discipline.

<CardGroup cols={2}>
  <Card title="Call recording" icon="headphones" href="/monitoring/transcripts-recordings-and-summaries">
    Audio playback and download can reveal personal information, consent phrases, and account details.
  </Card>

  <Card title="Transcript" icon="file-text" href="/monitoring/call-detail-page">
    Text transcript can expose names, phone numbers, addresses, and free-form caller statements.
  </Card>

  <Card title="Post-call fields" icon="list-checks" href="/monitoring/post-call-analysis-results">
    Extracted fields can store business outcomes and personal attributes.
  </Card>

  <Card title="Webhooks and keys" icon="key" href="/api-access/webhook-secrets">
    API keys and webhook secrets control machine access and event verification.
  </Card>
</CardGroup>

## Privacy Controls In The Product

Use these controls to reduce accidental exposure.

| Control             | Purpose                                                                                      |
| ------------------- | -------------------------------------------------------------------------------------------- |
| Webhook secret      | Lets your receiving system verify that events came from DialNexa.                            |
| API key rotation    | Creates new machine credentials and expires older access either now or after a grace period. |
| Default variables   | Prevent missing data, but avoid putting secrets or unnecessary sensitive text into defaults. |
| Secure URLs setting | Controls signed URLs where that security mode is enabled for the agent version.              |

## Review A Sensitive Call

<Steps>
  <Step title="Open the exact call">
    Use Call History filters or call ID search.
  </Step>

  <Step title="Check what exists">
    Look for recording, transcript, summary, custom fields, transfer data, and webhook-related evidence.
  </Step>

  <Step title="Review access before sharing">
    Confirm who needs the recording, transcript, summary, or export before sharing data outside the dashboard.
  </Step>

  <Step title="Export carefully">
    CSV exports can include summaries and post-call fields. Share them only with the right audience.
  </Step>
</Steps>

## Privacy Mistakes To Avoid

<AccordionGroup>
  <Accordion title="Putting secrets in dynamic variables">
    Dynamic variables are used in calls and may appear in logs or exports. Use credentials in integration and key settings instead.
  </Accordion>

  <Accordion title="Rotating a webhook secret without updating receivers">
    A new secret requires receiving systems to verify with the new value.
  </Accordion>

  <Accordion title="Assuming dashboard access covers external copies">
    If you sent data to another system through webhooks or integrations, review access and retention in that system too.
  </Accordion>

  <Accordion title="Downloading recordings casually">
    A downloaded file leaves the dashboard access boundary.
  </Accordion>
</AccordionGroup>

## Related Reading

<CardGroup cols={2}>
  <Card title="Webhook Secrets" icon="key-round" href="/api-access/webhook-secrets">
    Protect event verification.
  </Card>

  <Card title="Call Data Model" icon="database" href="/data/call-data-model">
    Understand stored call fields.
  </Card>
</CardGroup>
