Security at SageNotes
Your data security is our top priority. We implement industry-leading security practices to protect your transcriptions and personal information.
How We Protect Your Data
Multiple layers of security to keep your information safe
Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (HTTPS). We enforce HSTS to prevent downgrade attacks.
Encryption at Rest
Your transcriptions and files are encrypted at rest using AES-256 encryption. Database backups are also encrypted.
Secure Infrastructure
We host on Amazon Web Services (AWS) with industry-leading security certifications including SOC 2, ISO 27001, and PCI DSS.
Isolated Processing
Audio files are processed in isolated environments and are automatically deleted after transcription is complete.
Secure Authentication
We use AWS Cognito for authentication with secure password hashing, multi-factor authentication support, and token-based sessions.
Access Controls
Role-based access controls ensure users can only access their own data. All access is logged and monitored.
Data Retention
Uploaded audio files are automatically deleted within 7 days. You can delete your transcriptions at any time.
Privacy by Design
We collect only the minimum data necessary to provide our service. We never sell your data to third parties.
Compliance & Privacy
We take your privacy rights seriously
GDPR Compliant
We comply with the General Data Protection Regulation for EU users.
Data Processing Agreement
Enterprise customers can request a DPA for compliance requirements.
Right to Deletion
You can request complete deletion of your account and all associated data.
Data Portability
Export your transcriptions in multiple formats at any time.
Third-Party Services
We carefully vet all third-party services for security compliance
| Service | Purpose | Security |
|---|---|---|
| AssemblyAI | Speech-to-text transcription | SOC 2 Type II certified, data deleted after processing |
| Google Gemini | AI analysis and chat | SOC 2, ISO 27001 certified, enterprise-grade security |
| Anthropic Claude | AI analysis and chat | SOC 2 Type II certified, Constitutional AI safety |
| Amazon Web Services | Cloud infrastructure | SOC 2, ISO 27001, PCI DSS compliant |
| Amazon Cognito | User authentication | HIPAA eligible, SOC compliant |
Continuous Security
We regularly update our security practices and infrastructure. Our systems are continuously monitored for potential threats, and we apply security patches promptly.
Found a security issue? Contact us at security@sagenotes.ai