Have a question? Ask it below.
For further assistance, please reach out to [email protected]

Security

TLDR: Learn about security at Speakflow

Overview

Speakflow is a browser-based "cloud" application. Our security policy is designed to protect customers by using security practices such as authorization and encryption at every layer of the web stack. We're committed to customer privacy and security.

HTTPS for secure connections

Speakflow uses HTTPS for all services using TLS (SSL), which includes our public website and internal APIs and 3rd party services.

Data encryption

Data is stored in authentication-enabled databases and connections to the databases require SSL encryption. We use Postgres databases, encrypted at rest with continuous protection. Sensitive data such as user authentication credentials are encrypted. 

Access to customer data

Speakflow has a publicly available privacy policy that defines what data is collected and how it is used. We never access customer data unless given explicit permission in writing and only authorized personnel have access to encryption keys. All of our team members are based in the United States.
We also don't copy production data to external drives or devices.

Data retention

  • All users are able to permanently delete their own data.
  • Custom data within analytics can be deleted upon request.

Hosting

Speakflow is hosted on Heroku's platform, which uses AWS (Amazon Web Services) infrastructure. Amazon's data center operations have been accredited under:
  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

PCI / Payment processing

Speakflow does not store any payment information. Payment processing is handled by Stripe. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available in the payments industry.

Sub-processors

We use the services of the following companies and services to store, analyze and transmit user data. These are carefully vetted companies with top notch security practices.
• Heroku
• Stripe
• AWS
• Mixpanel
• Google Analytics
• Sendgrid
• Mailchimp

Privacy

We take steps to protect and secure all of our user and customer data.
Learn more about privacy policy here: speakflow.com/privacy