Security Practices
TalkWriter is not currently SOC 2 certified. However, we follow industry-standard security practices to protect your data. This page explains what we do and what we are working toward.
Current Status
| Certification | Status |
|---|---|
| SOC 2 Type I | Not certified |
| SOC 2 Type II | Not certified |
| Planned | On the Enterprise roadmap |
What We Do Today
Encryption
| Layer | Standard |
|---|---|
| Data in transit | TLS 1.3 between your Mac and our servers |
| Authentication | Secure OAuth 2.0 (Google) and encrypted password storage |
Data Handling
- No audio retention. Voice data is streamed in real time for transcription and is not stored on servers.
- No permanent text retention. Dictated content passes through the AI pipeline and is delivered to your device. It is not stored permanently.
- Minimal data storage. We store only your account profile, dictionary, snippets, settings, and session metadata for sync purposes.
Payment Security
- All payments are processed through Stripe. TalkWriter never sees or stores your credit card information.
Authentication
- Google OAuth -- secure federated authentication through Google.
- Email + password -- passwords are hashed and salted, never stored in plain text.
What We Are Working Toward
SOC 2 certification is on our roadmap for the Enterprise plan. This involves a formal third-party audit of our security controls covering trust service criteria: security, availability, confidentiality, processing integrity, and privacy.
FAQ
Is my data safe without SOC 2? SOC 2 is a formal audit certification, not a security technology. The security practices we follow (encryption, no data retention, secure authentication) protect your data regardless of certification status. SOC 2 provides independent verification that those practices are in place and working -- which is what we are working toward.
When will SOC 2 be available? SOC 2 certification is planned for the Enterprise plan. Contact sales@talkwriter.ai to express interest and be notified.
Can I get a security questionnaire filled out? Yes. Contact security@talkwriter.ai with your security questionnaire and we will complete it.
Was this helpful? Let us know at support@talkwriter.ai