// Trust & Security Report
Structurely, Inc.
AI-powered sales conversation platform for lead conversion: AI voice calling, AI texting/SMS, live phone transfers, and appointment setting, sold in Team / Company / Enterprise / White Label tiers with a usage-based ("Action Credits") pricing model; primarily marketed to real estate, mortgage, home improvement, sports, marketing agency, and university sales teams.
Certifications held
0
Maturity
Growth
Trains on your data
Unknown
Trust center
No
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
> Show 6 unconfirmed / not-held certifications
source: structurely.comNo public evidence. No trust center, security page, or SOC 2 mention found on structurely.com privacy policy, terms of use, or homepage; no independent trust-center subdomain (trust.structurely.com does not resolve).
source: structurely.comNo public evidence. Not mentioned on any vendor-owned page reviewed (homepage, privacy policy, terms of use, pricing).
source: structurely.comNo public evidence. Structurely's stated use cases (real estate, mortgage, home improvement, sports, agencies, universities) do not include healthcare, and no HIPAA language appears on any vendor page reviewed.
source: structurely.comNo public evidence of a GDPR-specific compliance statement. The privacy policy covers US state privacy law (CCPA/California rights) and general 'reasonable physical, technical, and administrative security standards' but does not mention GDPR, an EU representative, or standard contractual clauses.
source: structurely.comNo public evidence. Not mentioned on any vendor-owned page reviewed; Structurely does not appear to process cardholder data directly (billing likely handled by a third-party payment processor not disclosed on the pages reviewed).
source: structurely.comNo public evidence. No AI-governance certification is referenced anywhere on structurely.com.
// Privacy & AI training
Trains on customer data
Not stated
Data processing agreement
Not offered
Data region
Site and data are described as 'hosted and operated in the United States'; the policy notes data may be transferred to and stored in other countries but gives no specific data-residency guarantee or EU hosting option.
The privacy policy states, regarding third-party AI applications used in the product: 'These messages are not stored or used for training purposes outside of Structurely,' and separately notes many models are 'on-premise, self-contained models, where user data never leaves the confines of Structurely's application and systems.' This implies Structurely itself may use conversation data within its own systems (e.g., for its own model fine-tuning, consistent with the Enterprise tier's advertised 'Dedicated AI model fine-tuning'), but the policy does not explicitly confirm or deny first-party training on customer data, nor is a self-serve opt-out toggle described (users are told to contact support to opt out of the third-party-AI use case specifically). Because of this ambiguity, trains_on_customer_data is graded null/unknown rather than true or false.
// Security controls
Encryption in transit / at rest
General statement only: 'Structurely has implemented reasonable physical, technical, and administrative security standards to protect personal information from loss, misuse, alteration, or destruction,' using 'security technologies and procedures, such as encryption and limited access.' No detail on algorithms, TLS version, or at-rest encryption scope.
structurely.comAccess control
'Limited access' with 'only authorized individuals' trained on data protection; no detail on MFA, SSO, or role-based access control for customer accounts.
structurely.comSecurity monitoring
'Structurely reviews server logs for security purposes -- for example, to detect intrusions into their network.' No mention of a bug bounty, penetration testing cadence, or incident-response SLA.
structurely.comTransmission security disclaimer
Terms of use explicitly disclaim guaranteed security: 'we cannot and do not guarantee that any such transmissions are or will be totally secure.'
structurely.comTelecom compliance (TCPA / A2P 10DLC)
Product is built around outbound calling/texting; marketing pages describe A2P 10DLC registration support (via Twilio, Telnyx, MessageBird) and time-of-day contact restrictions ('leads are not contacted after 8 PM'), and the terms of use require customers to comply with TCPA, Do Not Call, and call-recording laws. This is telecom regulatory compliance, not an information-security certification.
structurely.comLiability limitation
Terms of use cap aggregate liability at $100 per calendar year and disclaim all warranties ('AS IS' / 'AS AVAILABLE'), which is a standard SaaS limitation but worth noting for enterprise risk review.
structurely.com// Products & data scope
data: Lead contact data, call/text transcripts, CRM-integrated activity logs for 2-10 users
$499/mo, 4 pre-built AI agents plus self-built agents via agent builder; no differentiated security posture disclosed versus other tiers.
data: Same data types as Team plan, at higher volume across 10+ producers, plus BI reporting data
$999/mo; adds custom agent configs and a dedicated success manager; no additional security controls disclosed.
data: Same data types, described as running on 'dedicated infrastructure'
Custom pricing; includes 'Dedicated AI model fine-tuning' -- this is the clearest signal that Structurely trains models on a customer's own conversation data at this tier, which is a material AI-training difference from lower tiers and should be flagged to enterprise buyers.
data: Multi-tenant lead and conversation data across partner platforms; REST API access
Custom pricing; 'Powering 50+ platforms today.' No separate security/compliance documentation found for the API/white-label surface.
// What to watch
- No trust center, security page, or third-party audit report (SOC 2, ISO 27001, HIPAA, GDPR) found anywhere on structurely.com; all security claims are a single generic paragraph in the privacy policy.
- AI-training posture is ambiguous and inconsistently described: the privacy policy says third-party-AI messages are 'not stored or used for training purposes outside of Structurely' (implying first-party use is possible) while the Enterprise-tier marketing promises 'Dedicated AI model fine-tuning' on presumably the customer's own data -- this is a legacy-privacy-policy-vs-current-product-page style contradiction that a prospective enterprise buyer should get clarified in writing/DPA before signing.
- No DPA (Data Processing Agreement) or GDPR-specific mechanism (SCCs, EU representative) is published, despite the product handling PII (phone numbers, call/text transcripts) that would trigger GDPR if used with EU-resident leads.
- Terms of use liability cap ($100/year) and blanket 'as is' disclaimer are typical for a startup-stage SaaS but should be surfaced to buyers doing risk review given the product handles live customer PII and telecom communications.
// At a glance
Pricing model
Usage-based 'Action Credits' (pay per SMS response, per 10-second voice increment, per email) layered on top of tiered monthly subscriptions (Team $499/mo, Company $999/mo, Enterprise and White Label custom), plus one-time onboarding fees ($2,000-$2,500) and annual-contract discounting.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Structurely, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-09. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
structurely.com