| Core review management | Yes — Google, Yelp, Facebook, Tripadvisor, Trustpilot inbox; AI drafts; multi-stage approval; multi-location | Yes — reviews aggregated across 130+ sites per Reputation.com's own marketing claims, plus a 'Review Booster' solicitation tool |
| Category scope | Review management, surveys, reputation analytics — integrates with your existing CRM/listings tools | Reviews, Surveys, Listings & Local SEO, Social publishing, Reputation®IQ (AI analytics), Actions/ticketing, Competitive Insights — one broad suite |
| Pricing transparency | Contact sales (early stage) | Published tiered pricing on /pricing: Rep Core $80/location/mo, Rep Core + Pulse $115/location/mo, Rep Core + Surveys $150/location/mo; Enterprise (125+ locations) is custom/contact sales Reputation.com publishes more list pricing than most legacy competitors we've compared as of July 2026 |
| Named AI model providers | Anthropic Claude — one named provider, published in /subprocessors/ and /ai-policy/ | Three named in their privacy notice: OpenAI LLC (opt-in AI response generation in Reviews), Salesforce Einstein (chatbot), Google Gemini (customer engagement) Per Reputation.com's Privacy Notice (reputation.com/privacy-notice/, accessed July 2026) |
| Customer data used for AI training | No — Anthropic's commercial terms prohibit training on Vouch API traffic | Privacy Notice states 'publicly available information' is shared with sub-processors to improve services and develop new features; the notice does not explicitly state whether client personal data trains the underlying models Ambiguity noted, not resolved, in Reputation.com's own published language as of July 2026 |
| Public sub-processor list | Yes — https://www.tryvouch.io/subprocessors/, three named entities (Azure, Entra ID, Anthropic) | Yes — https://reputation.com/legal-information/reputation-subprocessors, lists Google Cloud, Twilio/Sendgrid, File.com, OpenAI LLC, Pendo (US), plus a separate longer list for the NUVI platform and EU/Germany operations (AWS, Mailjet, MessageBird, TeleSign, Reputation.com Germany GmbH) Reputation.com's list is longer and more fragmented across platforms/regions |
| SOC 2 / ISO 27001 | Roadmap — not yet attested | SOC 2 Type II compliant and ISO 27001 certified, both per third-party auditor attestation, per their Security Posture page Reputation.com has the more mature certification stack today |
| HIPAA | Available on request — support@aartha.ai | States 'HIPAA compliant' on Security Posture page; specific BAA process not detailed on the public page |
| EU-US Data Privacy Framework | Roadmap — designed to comply with SCC + DPF | Not mentioned on Security Posture or Privacy Notice pages as of July 2026; GDPR compliance is addressed via EU-region data segregation (Frankfurt/Belgium hosting) rather than DPF certification |
| Data retention after termination | 30-day post-termination export window in machine-readable formats per /terms/ | Data Processing Addendum states client personal data is deleted within 90 days of service cessation (absent a legal retention obligation); Privacy Notice itself defines no specific post-termination window |
| FTC fake-review rule / review-gating stance | Built around 16 CFR Part 465 — no review gating in destination routing by design; Acceptable Use Policy explicitly bans it | No explicit public statement on review gating or the FTC Consumer Review Rule found on reputation.com as of July 2026 |
| Multi-location and vertical fit | Native multi-location with per-location/per-region/per-corporate hierarchy; horizontal across industries | Deep vertical tooling for automotive, healthcare, senior care, and financial services (incl. Gramm-Leach-Bliley Safeguards Rule support and premium CRM/EHR integrations) |