Call data handled with enterprise-grade controls
Coachvyne is designed with SOC 2 Type II controls in mind and built on infrastructure with end-to-end encryption, strict access segregation, and audit logging throughout.
Request Security ReviewSecurity at every layer
Encryption in transit and at rest
All data is encrypted in transit using TLS 1.3. Call transcripts and behavior scores are encrypted at rest using AES-256. Encryption keys are managed via AWS KMS with automatic rotation.
Role-based access control
Rep data is scoped by role. Reps see only their own scores. Managers see their direct reports. Admins configure access. Cross-tenant data isolation enforced at the database query level.
SSO and MFA support
Supports SAML 2.0 SSO for enterprise customers (Okta, Azure AD, Google Workspace). Multi-factor authentication enforced for all users on Growth and Performance plans.
Audit logging
All authentication events, data access events, and administrative actions are logged with timestamps and user identifiers. Logs retained for 12 months. Available for export on Performance plan.
Cloud infrastructure
Hosted exclusively on AWS in us-east-1. Call transcript processing uses isolated per-tenant compute environments. No shared processing queues between customer accounts.
Data retention and deletion
Transcript data is retained for 24 months by default and deleted on account termination within 30 days. Customers on Performance plan can configure custom retention periods and request deletion at any time via the admin console.
Designed with SOC 2 Type II in mind
Coachvyne's infrastructure, access controls, and operational procedures are designed with SOC 2 Type II requirements in mind. Our trust service criteria cover security, availability, processing integrity, and confidentiality.
Security documentation and the current shared responsibility model are available to enterprise prospects under NDA. Contact [email protected] to request the security review package.
Responsible disclosure
Found a security issue? We take vulnerability reports seriously and commit to responding within 72 hours. Contact our security team directly:
[email protected]