Security at notologic

You're trusting us with your meetings — the candid bits, the strategic bits, the things you'd rather not see on a billboard. We take that seriously, and the product is built that way from the ground up.

Status of this page: preliminary. The detailed sub-processor list, the SOC 2 letter, and our DPA template are available on request while we finalize the public versions.

What's in place today

• Your data is encrypted in transit and at rest.
• Your workspace is isolated from every other workspace. Nobody outside your org sees your meetings — not us, not other customers.
• Recordings and transcripts are stored privately. Sharing always requires a deliberate action by you or someone you've invited.
• Card data never touches our systems — billing is handled by a regulated payment processor.
• Your content is used only to deliver the product. We do not train on your meetings, and we do not let our providers train on them either.

What's coming

• SOC 2 Type II — audit scheduled.
• A published sub-processor list (currently on request).
• Customer-managed encryption keys for Enterprise.
• Regional data residency (EU and UK options).

Reporting a vulnerability

If you've found a security issue, please email security@notologic.com. We acknowledge within 24 hours and aim to remediate inside 14 days for high-severity reports. PGP key on request.