// security

Security for the meetings you record.

Notabium is a cloud service. Your recordings are encrypted, scoped to your account, and yours to delete. Here is exactly how we protect them.

Where your data lives

Recordings, transcripts, summaries, and account data are stored in our cloud infrastructure on Supabase (Postgres and Storage), with Cloudflare handling DNS. Transcription runs through ElevenLabs (with Groq as a fallback) and AI summaries and chat run through Anthropic Claude. We don't use your meetings to train models.

Access control

Every recording is owner-scoped. We enforce row-level security in the database, so a meeting is only ever readable by its owner and the people that owner explicitly shares it with. Authentication is required for all access to your data.

Encryption

Recording disclosure and consent

Notabium is built so the people in a meeting know it is being recorded:

Compliance posture

Responsible disclosure

If you find a security issue, please email notabium@proton.me. We acknowledge within 24 hours and work with you on a disclosure timeline. No bug bounty yet, but we credit reporters in release notes if they want.

Do not disclose publicly until we have shipped a fix. We aim to ship security fixes within 7 days of confirmed reports.