Is Callmine SOC 2 or ISO 27001 certified?

Not yet. Callmine is an early-stage product. We follow the encryption, isolation, and least-privilege practices below, and we'll publish formal compliance reports when we complete the audits.

Who can see my workspace's data internally?

Production access is least-privileged, scoped to incident response and customer support, and audited. Workspace credentials are encrypted with an application-side key — even with database access, your Gong, HubSpot, and Slack credentials are not directly readable.

Does Callmine train LLMs on my call data?

No. We use OpenAI and Anthropic via their API products, which do not train on API inputs by default. We do not ship call data to any third party other than the analysis providers and the storage providers listed below.

How do I request data deletion?

Email `hello@callmine.ai`. We'll permanently delete all reports, transcripts, and workspace data tied to your account within seven business days of the request.

How does Callmine protect your data?

Trust & support·May 31, 2026·2 min·By Callmine Team

Callmine encrypts data at rest and in transit, isolates workspaces, retains per plan, logs admin actions, and discloses every sub-processor.

TL;DR

Data is encrypted in transit (TLS) and at rest. Workspace credentials get a second layer of application-level encryption keyed to our secret manager. Workspaces are isolated at every database query. Admin actions write to a 14-event audit log at /audit.

Encryption

In transit, every API call between your browser, Callmine, Gong, HubSpot, Slack, and the LLM providers runs over HTTPS/TLS. There is no plaintext-on-the-wire path.

At rest, all data in Google Cloud SQL (Postgres) and Google Cloud Storage is encrypted by Google's infrastructure-level keys. On top of that, workspace integration credentials — your Gong access key, OAuth refresh tokens, HubSpot tokens, Slack tokens — are encrypted application-side with a symmetric key stored in Google Secret Manager. A read of the database alone does not expose those credentials.

Workspace isolation

Every Callmine workspace is a Clerk Organization. Every database read and write is scoped to a workspace_id, enforced at the query layer. Cross-workspace data leakage is a class of bug we treat as a critical incident — we have automated tests that fail the build if a new query omits the scope.

Retention

Reports are retained per plan. Trial and Free retain for 30 days. Starter retains for 90 days. Growth retains for 1 year. Scale retains indefinitely. Older data is hidden from the UI past the retention window; it is not deleted from storage until you request deletion via hello@callmine.ai. See Privacy and DPA for the full data-handling agreement.

Audit log

Workspace admins can review a per-workspace audit log at /audit. Fourteen event types are recorded — including integration changes, billing actions, member changes, schedule edits, and report exports — with actor identity, timestamp, and a structured diff blob. Logs are filterable and paginated.

Sub-processors

Callmine relies on the following sub-processors:

·Google Cloud Platform — compute (Cloud Run), database (Cloud SQL), storage (Cloud Storage), secret management (Secret Manager).
·Clerk — authentication, organization membership, session management.
·Stripe — billing, subscription management, payment processing.
·OpenAI — LLM analysis (selected models per workspace plan).
·Anthropic — LLM analysis (selected models per workspace plan).

The current list lives at Sub-processors. We give 30 days' notice via that page before adding a new sub-processor.

What we don't do

We do not train any model on your call data. We do not share your data with third parties beyond the sub-processors above. We do not retain analysis prompts, transcripts, or report outputs on the LLM providers' side — every analysis runs through their API tiers, which do not retain inputs for training by default.