Is Aircall GDPR Compliant?
Aircall privacy and compliance overview. Last scanned: 1 months ago.
Aircall scored 60/100 (grade D), indicating significant privacy issues. Key issues found: No privacy policy found: CCPA disclosures cannot be assessed. 4 security headers missing: Strict-Transport-Security (max-age >= 31536000), Content-Security-Policy, X-Content-Type-Options: nosniff, X-Frame-Options (or CSP frame-ancestors). This is an automated technical assessment, not a legal compliance certification.
60/100
Privacy and compliance score
Scanned May 16, 2026 in fetch mode.
CCPA / CPRA disclosures
0/8No privacy policy found: CCPA disclosures cannot be assessed.
Security headers
0/104 security headers missing: Strict-Transport-Security (max-age >= 31536000), Content-Security-Policy, X-Content-Type-Options: nosniff, X-Frame-Options (or CSP frame-ancestors).
Privacy policy
0/10No privacy policy found.
DPA and sub-processor list
3/7No DPA or sub-processor list found.
Cookie consent banner
12/12No tracking detected: consent banner not required.
Accessibility (WCAG 2.x AA)
7/15Accessibility scan unavailable in fetch mode.
AI training stance
5/5No AI training disclosure found.
Hosting region disclosure
5/5No data hosting region disclosure found.
COPPA signal
5/5No COPPA language detected.
Pre-consent tracking
23/23No third-party trackers detected before consent.
Does Aircall self-report SOC 2, HIPAA, or PCI compliance?
The following is based on Aircall's public documentation. ComplianceCheckup has not independently audited these claims.
Frequently asked questions about Aircall compliance
Is Aircall GDPR compliant?
Aircall received a privacy grade of D (60/100) in our automated scan. No privacy policy found: CCPA disclosures cannot be assessed. 4 security headers missing: Strict-Transport-Security (max-age >= 31536000), Content-Security-Policy, X-Content-Type-Options: nosniff, X-Frame-Options (or CSP frame-ancestors). For a complete GDPR assessment, consult a qualified privacy professional.
Does Aircall offer a Data Processing Agreement (DPA)?
Yes. Aircall provides a DPA linked in the Legal documents section above. Review it carefully and sign before transferring personal data.
Is Aircall SOC 2 certified?
Aircall holds a SOC 2 Type II certification.
What are Aircall's biggest privacy risks?
Based on our automated scan, the top areas of concern are: CCPA / CPRA disclosures, Security headers, Privacy policy. No privacy policy found: CCPA disclosures cannot be assessed. These findings are automated and may not capture all risks.
How does Aircall handle CCPA?
No privacy policy found: CCPA disclosures cannot be assessed. CCPA requires businesses handling California residents' data to disclose data practices, honor opt-out requests, and support the Global Privacy Control (GPC) signal. Our scan checks for GPC support and CCPA-relevant cookie disclosures.
Not legal advice. The scan grade is an automated technical assessment and does not constitute legal or compliance advice. Self-reported claims have not been independently verified. Results may contain false positives or miss issues that cannot be detected programmatically. Consult a qualified attorney or compliance professional for your specific situation.