Security at NOTALIC

Your data security and privacy are our top priorities. We implement industry-leading security measures to protect your meetings.

How We Protect Your Data

πŸ”

End-to-End Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your meetings are secure from unauthorized access.

πŸ›‘οΈ

SOC 2 Type II Certified

We maintain SOC 2 Type II compliance with annual audits by independent third parties, ensuring the highest security standards.

πŸ”’

Zero-Knowledge Architecture

Your encryption keys are derived from your password. We cannot access your decrypted dataβ€”only you can.

🏒

Enterprise SSO

Support for SAML 2.0, Okta, Azure AD, and Google Workspace SSO for centralized identity management.

πŸ”

Regular Security Audits

Quarterly penetration testing and vulnerability assessments by certified security professionals.

🚨

Real-Time Monitoring

24/7 security monitoring with automated threat detection and incident response protocols.

πŸ’Ύ

Automated Backups

Daily encrypted backups with point-in-time recovery. Your data is safe even in disaster scenarios.

🌍

GDPR Compliant

Full compliance with GDPR, CCPA, and international data protection regulations.

Infrastructure Security

Cloud Infrastructure

NOTALIC is hosted on AWS (Amazon Web Services) with infrastructure across multiple availability zones for high availability and disaster recovery. All data centers are SOC 2, ISO 27001, and PCI DSS certified.

Data Isolation

Each organization's data is logically isolated using multi-tenant architecture with strict access controls. Cross-organization data access is impossible by design.

Network Security

All network traffic is protected by firewalls, intrusion detection systems, and DDoS protection. We use VPCs (Virtual Private Clouds) to isolate our infrastructure from the public internet.

Access Controls

Strict role-based access control (RBAC) ensures employees only access data necessary for their role. All access is logged and monitored. Multi-factor authentication is required for all administrative access.

Your Data, Your Control

We Never Train AI on Your Data

Important promise: We DO NOT use your meeting recordings or transcripts to train our AI models. Your meetings remain completely private. We use pre-trained models from trusted AI providers under strict data processing agreements.

Data Retention

You control your data. Delete meetings anytime and they're permanently removed within 30 days. Delete your account and all associated data is erased. We don't keep hidden copies.

Data Portability

Export all your data at any time in standard formats (JSON, CSV, PDF). You own your data and can take it with you if you leave.

Third-Party Processors

We carefully vet all third-party services. Current processors include AWS (hosting), Stripe (payments), and OpenAI (AI processing). All are bound by Data Processing Agreements (DPAs) and meet our security standards.

Compliance & Certifications

βœ“

SOC 2 Type II

Annual audits

βœ“

GDPR

Full compliance

βœ“

CCPA

California compliant

βœ“

ISO 27001

Information security

βœ“

HIPAA Ready

Healthcare compliant

βœ“

PCI DSS

Payment security

Responsible Disclosure

If you discover a security vulnerability, please report it to us responsibly. We're committed to working with security researchers to protect our users.

Report security issues to:

πŸ“§ Email: security@notalic.com

We'll respond within 48 hours and keep you updated throughout the resolution process.

Questions About Security?

Our security team is here to help. Contact us anytime.

Contact Security Team