Security

Security and Controls

Cogram maintains SOC 2 Type II certification and commissions annual penetration testing. Below is an outline of organizational and technical security measures.

1. AI and ML Policy

No training on customer data

Cogram does not use customer data to train AI or machine learning models. Your project information remains private and is not used to improve our systems.

Human review of AI output

Content generated by Cogram for meeting notes or reports remains accessible only to the user and is not automatically distributed to meeting participants or external parties.

2. Product Security

Multi-Factor Authentication

Two-factor authentication can be enforced at the individual user level or mandated organization-wide for all team members.

Single Sign-On (SSO)

SAML 2.0-based authentication support for seamless integration with your identity provider.

Role-Based Access Controls

Permission management through user roles at organizational, group, or individual user levels.

3. Data Storage

Encryption in transit and at rest

Industry-standard encryption, including Transport Layer Security (TLS) for data in transit and AES-256 for data at rest.

Custom data retention

Customizable data deletion timelines with manual request options to match your compliance requirements.

Automatic backups

Automatic backups enable recovery from data loss incidents.

Data residency options

Customers can specify preferred data storage locations to meet local regulatory requirements.

4. Advanced Deployment Options

Private cloud and on-premises hosting

Private cloud or on-premises database hosting on Microsoft Azure, AWS, Google Cloud, or your own internal systems.

5. Legal

Minimal subprocessors

Limited vendor dependencies focused on essential product functionality.

Custom agreements

Standard MSA and DPA available, with customization options for enterprise SLAs.

6. Compliance and External Audits

Penetration testing

Annual penetration testing by a third party.

SOC 2 Type II certified

Annual SOC 2 Type II audits verify our security, availability, and confidentiality controls.

GDPR compliant

Compliance with GDPR requirements for data protection and privacy rights.