Protecting your data
We’re committed to the security of your data and provide multiple layers of protection for the personal information you trust to Sonix.
Security and Privacy for your data
We value privacy as much as you do
We build privacy into everything we do. It's not an afterthought. It's how we choose to treat, and respect, our customers on a daily basis. We do not sell, rent or share your information with third parties for their promotional use.
You control access
You will always have access to your files. Should you end your subscription you will lose other functionality like editing but you will always be able to view, export, and download. You can also delete the information if you don't want to store it on Sonix anymore at anytime. When you remove it, we delete the audio and the transcription from our platform completely.
Employees don't have access to your audio and transcripts unless you give us permission. More details here: privacy page & terms of service
Note that we have share functionality that allows you to share a transcript. If you share this link with someone else, they will be able to share with others as well.
Security: Technical details
Data transfer encryption
We encrypt all data that goes between you and Sonix using field-standard TLS (Transport Layer Security). Your data is encrypted when transferred between data centers for backup and replication.
Data storage encryption
We use server-side encryption with one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256). This cipher secures both our database and your data at rest.
Network protection
Sonix has multiple layers of security including firewalls, intrusion protection systems and network segregation. Sonix’s security services are configured, monitored, and maintained according to field best practices. We partner with field-leading security vendors to leverage their expertise and global threat intelligence.
Secure data centers
Sonix’s servers are located within enterprise-grade hosting facilities that have robust physical security controls to prevent physical access. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits.
Two-factor authentication
Sonix’s two factor authentication or 2FA is a security feature that adds even more protection to your Sonix account. Sonix will require a six-digit security code generated by your phone (in addition to your password) when you sign in to your account.
Security monitoring
Our security teams continuously monitor security systems, event logs, notifications and alerts from all systems to identify and manage threats.
Enterprise-grade best practices
Continuous Security Control Monitoring
Sonix uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows Sonix to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Employee Trainings
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Penetration Tests
Sonix works with industry leading security firms to perform annual network and application layer penetration tests.
Secure Software Development
Sonix utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Sonix’s security, please get in touch at [email protected]. Our security team promptly investigates all reported issues.
