User Data Privacy
User Data Protections
We fully encrypt user data when processing a meeting. This includes but is not limited to: email addresses of the meeting participants, name of the meeting participants if provided, and the phone number of participants joining from a phone. We only use this information to identify participants.
Data Layer Protection
Data Layer Protection is applied to remove all user-specific information and personally identifiable information (PII). We use anonymized data when training the intelligence engine to garner better performance and higher accuracy in meeting insights.
Administrators on your application own the user consent process. You can add user consent when you onboard end users to the platform and/or before the conversation is analyzed depending on the needs of your business. You have the flexibility to change this at any time.
Cloud platform and Logs
All data is hosted in GCP in the USA region and leverages server-side encryption provided by Google Cloud Platform. All incoming requests to Symbl systems are authenticated and validated at the time of authentication.
Google Cloud provides an extensive list of compliance and regulatory assurances, including SOC 3, and ISO 27001. See Google’s compliance and security documents for more detailed information. Further, all access is logged and audited regularly. Logs are maintained for a minimum of 3 months, and hosted on GCP whilst encrypted at rest.
End to End Encryption
All data on the Symbl platform is encrypted, and all connections are secured using 2048 bit AES encryption. Over the wire, data is encrypted using RSA 2048 bit keys. At rest, data is encrypted using AES-256.
No audio recording
By default, we do not store audio recordings. In cases where storing is required, audio recordings are securely stored and encrypted at rest using 2048 bit RSA.