Keeping customer data secure is a top priority at Notta. We employ enterprise-grade security practices, including compliance audits, admin management, and privacy protections, to ensure the utmost safety of your data.
SOC 2 Type II
Notta has successfully obtained SOC 2 Type II certification through an independent audit. This certification attests to an organization’s controls over security, availability, processing integrity, confidentiality, and privacy.
ISO 27001
ISO 27001 is the international standard for information security. Notta follows its guidelines to secure user information in all forms and protect the confidentiality of data.
GDPR
Notta is compliant with the General Data Protection Regulation (GDPR) to properly handle the personal data of EU citizens and protect their privacy.
CCPA
Notta is compliant with the California Consumer Privacy Act (CCPA). This legislation requires businesses to ensure transparency in data collection and processing.
HIPAA
Notta follows HIPAA guidelines to safeguard the privacy and security of individuals’ medical records and health information.
Infrastructure
Notta hosts all its software on Amazon Web Services (AWS), a leading infrastructure provider that offers a reliable, scalable, and secure environment for storing data in the cloud.
Data encryption
All data is encrypted in transit using TLS 1.2 and at rest using the industry standard AES-256 encryption algorithm, ensuring that sensitive information is kept private and secure.
Data backup and recovery
Notta implements a robust data backup and disaster recovery system. User data is regularly backed up (on AWS S3 and Aurora) and can be swiftly restored in case of unexpected events.
Vulnerability management
Notta runs regular vulnerability scanning across its production infrastructure, applications, and networks to identify potential threats in a timely manner. We also conduct periodic penetration testing.
Incident response
Notta takes a structured approach to addressing and managing security incidents promptly, minimizing their impact and preventing future occurrences.
Single Sign-On (SSO)
SSO allows you to authenticate users within your organization so they can access multiple applications or systems with a single set of login credentials.
We have established a security group within the company consisting of senior managers: CPO (Chief Privacy Officer) and CISO (Chief Information Security Officer).
Activity audit
Notta's activity (audit) log offers visibility into user activity to prevent potential security intrusions. We also employ role-based permissions to limit data processing and sharing.
Testing and validation
Before releasing each product version, we conduct comprehensive testing and validation, including unit tests, integration tests, and system tests to ensure our system's reliability and stability under all conditions.
Security education
All Notta staff undergo security and privacy awareness training regularly to learn the best security practices. We also encourage users to take proactive security measures, such as changing passwords regularly and avoiding logging in on shared devices.