Your meetings contain the most candid conversations your organisation has. Strategy, personnel, financials, legal. We built Kyaxa so that data never leaves your control.
Your meetings, transcripts, and minutes are never accessible to us. The system is designed so that your content is only ever available to your organisation's authorised users. Not to our team. Not to our support. Not to anyone outside your organisation.
Kyaxa records from your device. There are no bots, no external attendees, and no third-party services joining your meetings. Your conversations are captured locally. The most sensitive conversations your organisation has never leave your environment to be captured in the first place.
Every organisation's data is completely isolated within our system. Your meetings, users, and settings exist in a boundary that cannot be crossed — even if there's a bug in the application. This isn't a policy. It's an architectural guarantee enforced at every layer.
Every significant action is recorded — logins, data access, permission changes, content modifications. The audit log is append-only. No one can modify or delete entries. Not users, not administrators, not us. Audit entries survive even if the associated data is deleted.
Meeting recordings are processed and then deleted. Once your minutes and transcript are generated, the original audio is removed from our system. The less sensitive data that exists, the smaller the attack surface.
All data is encrypted in transit and at rest. Every connection between components in our system uses TLS. Stored data is encrypted using AES-256. There are no unencrypted paths.
Granular visibility controls let you decide who sees what. Meetings can be personal, team-scoped, or organisation-wide. A strictly confidential mode locks content to the owner only — no one else can access it, regardless of their role.
Uploaded, processed, deleted. Audio exists in our system only for the duration of processing — typically minutes. Organisations that require retention can enable it with a configurable retention period.
Stored within your organisation's isolated environment. Accessible only to users you've authorised. Searchable only within your organisation's boundary.
Passwords are never stored. Authentication uses one-time magic links or API keys hashed with modern, irreversible algorithms. We cannot recover or view any user's credentials.
Immutable. Every action is logged with who, what, when, and where. Audit entries survive even if the associated data is deleted. They cannot be altered by any user or process.
Kyaxa is built with SOC 2 Type II controls from day one. Independently audited to meet enterprise data security standards. Certification in progress.
Full data subject rights support. Data processing agreements available. Data residency options for EU organisations.
For organisations that require it, Kyaxa can be deployed on your own infrastructure — fully on-premises, with no external dependencies. Your data never leaves your network.
Talk to us about security. We'll discuss our architecture in detail, provide documentation for your procurement team, or walk through the technical specifics with your security team. No sales process required.