Security | Kolabrya Kolabrya Our AI-powered platform is changing the way lawyers and workplace investigators conduct interviews, generate reports, and summaries.

Security is built into the fabric of Kolabrya

Below is a brief about key security components of Kolabrya

Data Collection and Storage

Data Into the System:
- Origin: Kolabrya values transparency. All data sourced from meetings is collected post explicit consent from consumers.
- Types of Data Collected:
  - Uploaded documents
  - Audio and video recordings of meetings (you have the option to turn on/off)
  - Participant names
  - Meeting title
Data Out of the System:
- Kolabrya does not share any information with third parties for training of AI models or advertising.

Access Control

Data Access:
- Internal employees of kolabrya receive role-based access to applications and systems, strictly following the principle of least privilege.
- Protocol mandates swift revocation of access rights for terminated employees within a 24-hour window.
Password Security:
- Kolabrya enforces Multi-Factor Authentication (MFA) on company accounts to bolster security.
- All user accounts adhere to a rigorous password policy to ensure security and complexity.

Infrastructure

Cloud Infrastructure:
- Kolabrya relies on Microsoft Azure, hosted exclusively within Canada and US regions (based on client location).
Network Security:
- Firewall: Leveraging Azure's native firewall capabilities, we filter out unsolicited and potentially harmful traffic.
- Azure recommended Architecture: This strategy ensures centralized security services, enabling consistent policy application and meticulous traffic inspection, thereby minimizing configuration points.

Primary Vendors

Kolabrya collaborates with entities that adhere to industry-leading standards, including SOC2 Type 2, HIPPA, PCI, and GDPR. These partners, known for their robustness, security features, and compliance certifications, play pivotal roles in delivering our services seamlessly.

Data Security Measures

Kolabrya’s dedication to privacy is reflected in its data security measures:

Encryption: Both in transit and at rest, data is encrypted to maintain its integrity.
Code Monitoring: Regular vulnerability scans are conducted on the platform's code.
API Security: Strong API authentication mechanisms are in place to fend off unauthorized access.

Data Retention and Deletion

Data transmitted via APIs is retained for users to have access to history however users have the option to delete and purge all data from Kolabrya's systems immediately after the meeting is finished.

Kolabrya by default deletes all data from systems every 24 hours.

Peace of mind privacy

Question: Does Kolabrya use customer data to train models?

Customer data is not used to train AI models

Data can be deleted immediately upon request or as an going basis

Question: Does Kolabrya use data for any marketing or other purposes?

Question: Does Kolabrya keep a record of PII (Personal Identifiable Information)?

PII is automatically removed from the very start of the process (conversation to transcription)

Question: Does Kolabrya work with reputable vendors?

Yes

Our vendors are SOC2 type 2, PCI, and GDPR compliant