Last updated: 31 May 2026
Protokol handles sensitive client conversations, so security is built into how the product works. This page summarises our main controls.
Data is encrypted in transit (HTTPS/TLS) and at rest in our database and file storage.
Each account’s data is isolated using row-level security, so one customer can never read another customer’s meetings, transcripts, clients, or settings.
Access to production data is restricted to the minimum necessary and protected by authentication. Server-only credentials are never exposed to the browser.
Our primary database and recording storage are hosted in the EU. See Privacy for the full list of sub-processors.
Our assistant joins meetings under a clearly visible name and posts a recording notice, so participants know a recording is being made.
Every “exact quote” in an answer sheet is checked in code against the real transcript. If a quote cannot be found, it is removed and the answer is downgraded — the system cannot invent evidence to inflate a compliance score.
You can delete individual meetings at any time and request full account deletion by emailing support@getprotokol.app.
If you believe you have found a security issue, please email support@getprotokol.app and we will respond promptly.
© 2026 Protokol. All rights reserved.