Security and Privacy

We want to ensure system security and customer privacy is a priority at every step of the engineering process. All employees are required to go through security training and best practices for data handling.

SOC 2 TYPE 2 & GDPR CERTIFIED

Technology

Fireflies is built on top of infrastructure and services that uses industry grade security standards. We encrypt your data at rest, including emails, calendar events and other personally identifiable metadata.

    Fireflies is built on top security standards and encrypts your data at rest, including emails, calendar events and other personally identifiable metadata.
    shadow image

    Security certifications

    Our SOC 2 (Type 2) shows our commitment towards a continuous effective build and improvement of our system and organization controls regarding security, privacy, availability, and confidentiality. This report explains the extreme care we take to earn and maintain our users' trust in Fireflies, its systems, and product.

    SOC2

    Our SOC 2 (Type 2) shows our commitment towards a continuous effective build and improvement of our system and organization controls regarding security, privacy, availability, and confidentiality. This report explains the extreme care we take to earn and maintain our users' trust in Fireflies, its systems, and product.

    Fireflies is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). At Fireflies, data security and privacy serve as the major pillars we work with. Consent is a key factor in ensuring the trust of our users

    GDPR

    Fireflies is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). At Fireflies, data security and privacy serve as the major pillars we work with. Consent is a key factor in ensuring the trust of our users

    Process

    Get strict control over data access using fireflies

    Strict controls over data access

    We use a 256-bit AES encryption in storage and a 256-bit SSL/TLS encryption in transit. Our database is hosted in a Virtual Private Cloud with AWS. AWS follows top IT security standards, including SOC 2 Type II, SOC 3, PCI-DSS certification, and ISO 27001.

    Fireflies security team enforces automated monitoring and uptime

    Uptime and logging

    Our production environments have security logging, uptime monitoring, and system availability metrics of our core services. This helps our security team enforce automated monitoring and uptime.

    Fireflies employs third party security experts to perform penetration tests

    We implement coding best practices focused on the OWASP Top Ten

    Development, testing, and production environments are separated. All code changes are peer reviewed and tested prior to deployment into production.

    We implement coding best practices focused on the OWASP Top Ten

    Third party audit

    In addition to our extensive internal scanning and testing program, we employ third-party security experts to perform penetration tests.

    Our Commitment on privacy

    Fireflies is committed to privacy and collects the minimum data required to improve services

    Impact assessment

    We continuously evaluate the impact of our activities on data privacy to ensure that we collect the minimum data needed to improve our practices.

    If you have additional questions regarding security, we are happy to answer them. Please write to security@fireflies.ai and we will respond as quickly as we can.

    Unlock the knowledge buried

    inside your team's meetings