Protecting your data
We’re committed to the security of your data and provide multiple layers of protection for the personal information you trust to Sonix.
Security and Privacy for your data
We value privacy as much as you do
We build privacy into everything we do. It's not an afterthought. It's how we choose to treat, and respect, our customers on a daily basis. We do not sell, rent or share your information with third parties for their promotional use.
You control access
Rest assured, with Sonix, your files are always accessible. Even if you decide to end your subscription, essential functions like viewing, exporting, and downloading remain at your disposal. Additionally, you retain full control over your data; you can opt to delete it from Sonix whenever you wish. When removed, both the audio and transcription are completely wiped from our platform.
Employees don't have access to your audio and transcripts unless you give us permission. More details here: privacy page & terms of service
Training AI
At Sonix, we prioritize your privacy and confidentiality. We want to assure you that none of your data processed through Sonix is utilized for training purposes. Your information remains strictly confidential and is not used in any way for training our systems.
Sharing functionality
Sonix offers a seamless sharing feature, allowing you to share transcripts with others easily. When you share the unique link provided, recipients may further distribute it among others.
Security: Technical details
Data transfer encryption
We encrypt all data that goes between you and Sonix using field-standard TLS (Transport Layer Security). Your data is encrypted when transferred between data centers for backup and replication.
Data storage encryption
We use server-side encryption with one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256). This cipher secures both our database and your data at rest.
Network protection
Sonix has multiple layers of security including firewalls, intrusion protection systems and network segregation. Sonix’s security services are configured, monitored, and maintained according to field best practices. We partner with field-leading security vendors to leverage their expertise and global threat intelligence.
Secure data centers
Sonix’s servers are located within enterprise-grade hosting facilities that have robust physical security controls to prevent physical access. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits.
Two-factor authentication
Sonix’s two factor authentication or 2FA is a security feature that adds even more protection to your Sonix account. Sonix will require a six-digit security code generated by your phone (in addition to your password) when you sign in to your account.
Security monitoring
Our security teams continuously monitor security systems, event logs, notifications and alerts from all systems to identify and manage threats.
Enterprise-grade best practices
Continuous Security Control Monitoring
Sonix uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows Sonix to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Your data is your data
All data is stored at AWS in the USA. Sonix does not use your data to train our models whatsoever. Sonix is a completely automated process. No-one has access to your files unless you provide express written consent to investigate an issue.
GDPR
Sonix follows GDPR protocols and we are able to sign both DPA and SCC. We provide these documents inside your Sonix free trial account upon request. If you would like to review these documents, please create a free trial account and then request the DPA and SCC.
File sharing and permissions
Sonix has role-based security with multiple permission levels for each of your team members. You can provide access and revoke access to files and folders quickly and easily. You can also password-protect files and folders for an extra layer of security.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Penetration Tests
Sonix works with industry leading security firms to perform annual network and application layer penetration tests.
Secure Software Development
Sonix utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Sonix’s security, please get in touch at [email protected]. Our security team promptly investigates all reported issues.