Security & Privacy

Noota is used by many professionals and institutions such as health, social science studies, journalists, and the French Police for whom data protection is a must have.

Security and privacy

In general, all the data you will find on the platform are :

  • Double encrypted
  • Hosted in the cloud

We do not use our own servers, but use the services of an online solution provider specialized in setting up, managing and securing storage space. In addition, all our resources are hosted on servers in the European Union (EU), are RGPD compliant and ISO 27001 (https://cloud.google.com/security/compliance/iso-27001?)

A platform in compliance with the GDPR

Noota respects the privacy requests summarized below:

https://www.cnil.fr/fr/reglement-europeen-protection-donnees

All Noota services are hosted on servers in the European Union in accordance with the General Data Protection Regulation.

You can follow the procedures set up by our cloud solution provider Google Cloud Platform: https://cloud.google.com/privacy/gdpr

 

Maximal protection

From the moment you upload a file to our platform, it is protected by a certified HTTPS TLS 1.2 encryption protocol.

Before being stored, all files go through an AES-256 encryption protocol making them accessible and readable only to the corresponding user.

We also add a second layer of encryption so that the data is encrypted and unreadable by the cloud provider.

Control what you do whith your transcripts

You want to delete a file?

Don’t panic! If you delete a file from the Noota platform, it is deleted along with all associated data within 24 hours. 

No archive or residual traces.

Access to optimal security

Our hosting provider ensures optimal security with an infrastructure based on progressive layers that provide true defense in depth.

For more information on security protocols, you can visit the following link: https://cloud.google.com/security/infrastructure/

The security of your data, a priority for us

Noota makes every effort to ensure continuous monitoring of the security of the application and website, by analyzing all logs and anomalies detected and correcting them when necessary.

The development of the Solutions is conducted in compliance with the following “best practices”:

  • Employees responsible for hardware production and platform management are regularly trained in security best practices.
  • The hardware is regularly reviewed to identify any potential security vulnerabilities
  • The microservices used are regularly updated to avoid any vulnerability of the hardware
  • A dedicated test environment is used for development and for any hardware modifications