Your data, protected
Security is not a feature we bolted on. It is foundational to every architectural decision we make. Your meeting data deserves the highest level of protection.
AES-256-GCM
Encryption at Rest
SOC 2 Type II
In Progress
GDPR
Compliant
CCPA
Compliant
Security in Depth
Multiple layers of security protect your meeting data at every step.
End-to-End Encryption
All meeting data is encrypted using AES-256-GCM both at rest and in transit. TLS 1.3 secures all network communication. Encryption keys are unique per workspace and managed through a dedicated key management service. We never store unencrypted audio or transcripts.
SOC 2 Compliance
We are actively pursuing SOC 2 Type II certification. Our security controls cover all five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. Full audit logging and access controls are already in place.
GDPR & CCPA Compliance
Karnyx is fully compliant with GDPR and CCPA regulations. Users can export, correct, or delete their personal data at any time. We process data lawfully, with explicit consent, and provide complete transparency about what data is collected and how it is used.
Data Residency
Enterprise customers can choose where their data is stored. We offer data residency options in the United States, European Union, and Asia-Pacific regions. Your meeting data never leaves the geography you specify, ensuring compliance with local data sovereignty requirements.
Penetration Testing
We conduct regular penetration testing through independent third-party security firms on a quarterly basis. Our testing covers application security, infrastructure security, and social engineering vectors. Critical findings are remediated within 24 hours.
Bug Bounty Program
We maintain an active bug bounty program to encourage responsible disclosure of security vulnerabilities. Security researchers can report issues to security@karnyx.ai and are eligible for bounties based on severity and impact.
Need more details?
Download our security whitepaper for a comprehensive overview of our security architecture, compliance posture, and data handling practices. Or reach out to our security team directly.