Security & Privacy
Your content stayscompletely confidential
From encryption at rest and in transit to SOC 2 certification and HIPAA compliance, we protect your data with multiple layers of enterprise-grade security. Your trust is our responsibility.
We never sell, share, or train on
your data
Privacy by Design
We build privacy into everything we do. It's not an afterthought—it's how we choose to treat and respect our customers. We do not sell, rent, or share your information with third parties for their promotional use.
You Control Your Data
Your files are always accessible, even after your subscription ends. You can view, export, download, and delete your data at any time. When removed, both audio and transcripts are completely wiped from our platform.
No AI Training
We prioritize your privacy and confidentiality. None of your data processed through Sonix is used for training purposes. Your information remains strictly confidential and is never used for training our systems.
Secure Sharing
Sonix offers seamless sharing features with password protection options. Our employees don't have access to your audio and transcripts unless you provide express written consent to investigate an issue.
Encrypted and protected at every layer
Data Transfer Encryption
We encrypt all data between you and Sonix using TLS (Transport Layer Security). Your data is also encrypted when transferred between data centers for backup and replication.
Data Storage Encryption
We use server-side encryption with AES-256, one of the strongest block ciphers available. This cipher secures both our database and your data at rest.
Network Protection
Sonix has multiple layers of security including firewalls, intrusion protection systems, and network segregation configured to industry best practices.
Secure Data Centers
Our servers are located within enterprise-grade AWS hosting facilities with 24/7/365 monitoring, on-site security staff, and regular security audits.
Two-Factor Authentication
Enable 2FA for an extra layer of protection. Sonix requires a six-digit security code from your phone in addition to your password when signing in.
Security Monitoring
Our security teams continuously monitor systems, event logs, notifications, and alerts to identify and manage threats proactively.
Certified, audited, and trusted by
leading organizations
SOC 2 Type II Certified
SOC 2 Type II certified with continuous security control monitoring. Our controls are independently audited annually to ensure we meet the highest standards for security, availability, and confidentiality.
HIPAA Compliant
Available through Medical Sonix for healthcare organizations. We sign Business Associate Agreements and implement required safeguards to protect PHI.
Learn about Medical SonixContinuous Monitoring
Automated monitoring of 100+ internal security controls using Drata's platform with automated alerts and evidence collection.
Your Data is Yours
All data is stored at AWS in the USA. Sonix does not use your data to train our models. No one has access unless you provide consent.
GDPR Compliant
We follow GDPR protocols and can sign DPA and SCC. These documents are available inside your Sonix account upon request.
Role-Based Access
Multiple permission levels for team members. Provide and revoke access quickly. Password-protect files for extra security.
Security is built into everything we do
Employee Training
All employees complete annual security training and employ best practices when handling customer data.
Penetration Testing
We work with industry-leading security firms to perform annual network and application layer penetration tests.
Secure Development
Manual and automatic security and vulnerability checks throughout the software development lifecycle.
Vulnerability Program
Report security issues to [email protected]. Our team promptly investigates all reported issues.
Start transcribing with
complete confidence
Join millions of users who trust Sonix with their most sensitive content. Try it free—no credit card required.
