# Security & Compliance — VideoDB

> We act as stewards of your data with multiple layers of security. We do not sell, rent, or share your information with third parties for promotional use. Our security certificates (SOC 2 Type II, ISO 27001, HIPAA, and GDPR) are available for review on request — request access via our certificate request form at /trust-centre#request-access and we'll share them under NDA. The Service is operated by Spext Labs Inc., the company operating under the brand name VideoDB. Current as of 30 September, 2025.

---

## Security posture

- **Encrypted in transit** — SSL encryption during transit.
- **Encrypted at rest** — Industry-standard 256-bit AES encryption at rest.
- **Protected by SOC 2** — SOC 2 Type II compliant; HIPAA and ISO 27001 certified.
- **Privacy First** — We never store your files and adhere to sovereignty laws. HIPAA & GDPR compliant.
- **Protected** — Data and logs are untraceable back to an individual user.
- **Secure Vendors** — AWS, GCP, and Azure compliance checks regularly.

## Access Control

You always retain access to your files (view, export, download) and can delete them anytime; deletion removes audio, video, and transcription completely. Employees cannot access your audio and transcripts without permission.

## Data Encryption

All data between you and VideoDB's servers uses field-standard TLS, including transfers between data centres for backup and replication.

## Network Protection

Multiple layers including firewalls, intrusion protection systems, and network segregation.

## Secure Data Centres

Enterprise-grade hosting facilities with 24/7/365 monitoring and surveillance, on-site security staff, and ongoing security audits.

## Security Monitoring

The security team continuously monitors systems, event logs, notifications, and alerts to identify and manage threats.

Contact: support@videodb.io