Your data security is
our top priority.

All call transcripts are encrypted at the application level using AES-256-GCM before storage. Even if the database is compromised, transcript data is unreadable without the encryption key.

Every access to sensitive data — transcripts, reports, and meetings — is logged with user identity, timestamp, IP address, and action type. Required for HIPAA compliance auditing.

Administrators can set automatic data retention policies (30, 60, 90, 180, or 365 days). Transcripts are automatically purged after the retention period expires.

Configurable session timeout policies enforce automatic logout after periods of inactivity. Administrators can set timeouts from 30 minutes to 8 hours.

Built on SOC 2 Type II certified infrastructure. Database hosted on Supabase (SOC 2, ISO 27001). Application hosted on Vercel (SOC 2). All data encrypted in transit via TLS 1.3.

Every database table enforces row-level security policies ensuring complete data isolation between organizations. Users can only access data within their own organization.

Real-time error tracking and crash reporting via Sentry ensures issues are detected and resolved quickly, maintaining platform reliability and data integrity.

Three-tier role system (User, Admin, Superadmin) with server-side enforcement. All actions are verified against the user's role before execution.