Trust · v.2026.05 · Last updated May 16, 2026

Privacy, security & how it actually works.

Driffle handles sensitive context — calendars, messages, transcripts, browsing. We think you deserve a plain-English account of what we store, what we don’t, and the limits of where we are today. No certification badges we haven’t earned, no buzzwords. If something below doesn’t add up, tell us.

Certifications · Not yet
No SOC 2 or ISO — yet.
We are not currently certified against SOC 2, ISO 27001, or HIPAA. We’ve begun the readiness work and expect our first Type 1 report in Q4. Until then, treat this page as a description of our practices, not a third-party attestation.
Compliance · In practice
GDPR & CCPA aligned.
We follow GDPR and CCPA principles: data minimisation, right to access, right to delete, and a Data Processing Addendum available on request. We are not yet audited against either, and we’ll say so when that changes.
Vulnerabilities · Open
Tell us if we’re wrong.
If you’ve found something that looks broken, please write to security@driffle.ai. We respond within 1 business day and credit researchers in our changelog when fixes ship.
The basics

Six things to know before reading anything else.

Skim these. If they answer your question, you can stop here. Everything below is the long version.

01

Nothing happens automatically.

Driffle never auto-joins meetings, auto-records, or runs in the background. You hit a button, it works. You close it, it stops.

02

We don’t store the audio.

Audio is transcribed in real time and discarded. We retain the resulting text and the notes you write — not the raw recording.

03

Vendors don’t train on you.

Our transcription and model vendors (OpenAI, Anthropic, Deepgram) are contractually blocked from training on your content.

04

You can opt out of ours, too.

We may train internal models on anonymised, aggregated data to improve quality. There’s a single toggle in Settings to turn that off. Workspace plans default to off.

05

Notes are private by default.

Your notes are visible only to you until you explicitly share. Workspace admins do not see private notes — only what’s shared into shared folders.

06

Delete means delete.

Individual notes are removed immediately. Full-account deletion clears your data within 30 days, including backups. We’ll show you the receipt.

Data lifecycle · from a meeting to a memory

What happens between “record” and a searchable note.

The single most-asked question we get: “Wait, do you actually keep the audio?” No. Here’s the whole pipeline, with retention windows in the bottom corner of each card.

Audio · Dropped
Captured on-device, streamed to our transcription vendor only when local transcription isn’t possible.
Lifespan · <60 sec

Transcript · Kept
Text of what was said. Encrypted at rest with AES-256 in our US AWS VPC. You can edit or delete any segment.
Lifespan · until you delete

Notes · Kept
Your edits, AI-generated summaries, and any context you add. Indexed for search inside your account only.
Lifespan · until you delete

Snapshot · Backup
Daily encrypted snapshots in the same VPC. Used only for disaster recovery, never for analytics.
Lifespan · 30 day window

Data security

06 QUESTIONS
How does Driffle secure customer data?

Notes, transcripts, and account metadata are stored in our US-region AWS Virtual Private Cloud. They are encrypted at rest using AES-256 and in transit using TLS 1.2+. Daily snapshots are retained for 30 days and encrypted with the same keys.

Access to production systems is limited to a small number of engineers, requires hardware MFA, and is logged. We use separate environments for development, staging, and production, with no customer data outside production.

Does Driffle run locally or send data to the cloud?

For desktop, transcription happens locally on macOS and Windows where the hardware supports it; otherwise it’s streamed to our transcription vendor and returned as text. Either way, the final transcript and your notes round-trip to our cloud so they sync across devices.

If you need a strictly on-device deployment, ask us about workspace plans — we’re working on an offline-only mode for regulated industries.

How do you handle security vulnerabilities?

We maintain a public Vulnerability Disclosure Policy. Reports go to security@driffle.ai with optional PGP. We aim to acknowledge within 1 business day, triage within 3 days, and patch critical issues within 7. Post-mortems for resolved vulnerabilities are published openly — we believe you should be able to read about our mistakes.

Do you conduct penetration tests?

Yes. We engage an independent third-party firm for an annual application and infrastructure pentest. The most recent test was completed in February 2026. We don’t publish the full report, but a summary letter is available under NDA.

Does Driffle have any security certifications?

Honest answer: no, not yet. Here’s where we are today:

  • SOC 2 Type 1 — readiness work began in March 2026, audit window starts in Q3, report expected by end of year.
  • SOC 2 Type 2 — expected 6 months after Type 1 closes.
  • ISO 27001 — no concrete timeline yet. We’re focused on SOC 2 first.
  • HIPAA — we do not currently sign BAAs. Do not use Driffle for PHI.

We’ll update this page the moment any of that changes — not in a launch announcement, not in a footer badge, here.

Do you support SSO and SAML?

Yes, on workspace plans. We support SAML 2.0 with any IdP that speaks it (Okta, Google Workspace, Azure AD, OneLogin, JumpCloud). SCIM provisioning is in beta. Workspace plans also get just-in-time deprovisioning when a user leaves your IdP.

Storage & processing

05 QUESTIONS
Where is my data stored?

All customer data is stored in AWS regions in the United States (us-east-1 primary, us-west-2 for failover). EU residency is on the roadmap for late 2026 but is not available today. If EU residency is a hard requirement, please tell us before signing up so we can be straight with you about timing.

What happens to my data if I delete my account?

Account deletion is immediate from your perspective — notes vanish, links break, the workspace closes. Behind the scenes, your data is purged from primary storage within 24 hours and from encrypted backups within 30 days. We’ll send you a written confirmation when the backup window closes.

Can I export a copy of all my data?

Yes. Settings → Export generates a ZIP containing every note as Markdown, every transcript as plain text, and a JSON manifest of metadata. Exports are produced asynchronously and emailed to you when ready, usually within minutes.

What are your data retention policies?

We keep your notes and transcripts for as long as your account is active. Audit logs are retained for 12 months. Anonymised, aggregated usage telemetry is kept for 24 months. Raw audio (when it briefly exists in transit during cloud transcription) is dropped within 60 seconds.

How does Driffle use data from my Google or Microsoft account?

We request the narrowest scopes we can: read-only calendar (to know what meeting you’re in), profile (to know your name), and email (to identify you). We do not read your inbox and we do not write to your calendar. Tokens are encrypted at rest and revocable from your account dashboard or directly from Google / Microsoft.

AI & models

05 QUESTIONS
Do you train on my data?

We may train internal models on anonymised, aggregated content to improve summary quality and feature ranking. You can disable this in Settings → Privacy → Training. Workspace plans have training disabled by default; individuals opt in implicitly and can opt out at any time.

When you turn training off, we drop your future content from our training pipeline immediately. Content that has already contributed to a trained model cannot be retroactively removed from that model — this is a limitation of the technology, not an exception we want to hide.

Do your AI vendors train on my data?

No. We use OpenAI, Anthropic, Deepgram, and AssemblyAI under zero-retention or short-retention agreements that explicitly prohibit model training on customer prompts. Vendors are listed in our subprocessor registry, which we update before adding any new vendor.

Can I bring my own model keys?

On workspace plans, yes. You can point Driffle at your own OpenAI, Anthropic, or Azure OpenAI deployment and we’ll route all model calls through your tenant. We never see the prompts or responses in that mode.

Which model is used for what?

Transcription: Deepgram Nova-3 by default, AssemblyAI as fallback. Summarisation and chat: Anthropic Claude Sonnet 4.5 by default. Embeddings: an in-house model running on our infrastructure. The active model for each request is logged and visible in the meeting’s metadata pane.

What if a model gets something wrong?

You can edit or delete any AI-generated note, attribution, or summary. We don’t use AI output for any consequential decision about you (no scoring, no ranking, no eligibility). If you find a consistent error pattern, please write to help@driffle.ai.

Account & access

04 QUESTIONS
Who can see my notes?

By default, only you. Notes become visible to other people only when you explicitly share them — via a share link, a folder permission, or a workspace channel. A small number of Driffle engineers can technically access production data for incident response; all such access is logged and reviewed.

Can my workspace admin read my private notes?

No. Workspace admins see usage reports, billing, and any content explicitly shared into workspace folders. They do not see your personal folder, your private meetings, or your draft notes. We have considered “admin override” modes and chosen not to ship one.

How is my password / session handled?

We don’t store passwords — authentication is done via Google, Microsoft, or your SAML IdP. Sessions are signed JWTs scoped to a single device, valid for 14 days, and revocable from Settings → Devices. Idle sessions are forced to re-auth on workspace plans per your admin’s policy.

Can I use Driffle without an account?

Not yet. Some features (transcription, notes) require an account because they sync across devices. We’re exploring a local-only mode that keeps everything on-device and requires no signup — no firm date.

For workspaces

04 QUESTIONS
Do you sign DPAs?

Yes. Our standard DPA covers GDPR Article 28 controller-processor terms and Standard Contractual Clauses for EU-to-US transfer. We can sign as-is or work through reasonable redlines. Request a copy from dpa@driffle.ai.

Can I run Driffle in my own cloud?

We offer a private-tenant deployment in AWS for workspaces of 200+ seats. Your data lives in an isolated VPC under our operational control, with a separate KMS key tree. A true self-hosted (customer-operated) build is on the roadmap but not available today.

Do you have audit logs?

Workspace admins can export an audit log of authentication events, share-link creation, permission changes, and export actions. Logs are available via the dashboard or as a SIEM-friendly JSON stream. Retention is 12 months by default; longer on request.

What does your subprocessor list look like?

AWS (hosting), Anthropic (LLM), OpenAI (LLM, fallback), Deepgram (transcription), AssemblyAI (transcription, fallback), Stripe (billing), Stytch (auth), Linear (issue tracking, no customer data), Sentry (error reporting with PII redaction), Resend (email). Email trust@driffle.ai to subscribe to subprocessor change notifications.

Terms & policies.

Terms

Platform Terms

What you agree to when you start using Driffle.


User Terms

Your terms as an individual inside a workspace.


Acceptable Use

The handful of things you can’t use Driffle for.

Privacy

Privacy Policy

What data we collect, why, and how to get it back.


Data Processing Addendum

For controllers under GDPR. Available on request.


Subprocessors

Every vendor that touches your data. Updated 2 May 2026.

Reports

Penetration test — Feb 2026

Summary letter from our third-party assessor. NDA required.


Status & uptime

Live system status and 90-day incident history.


Post-mortems

Public write-ups of resolved incidents and vulnerabilities.
