Security & Data Protection

Encryption & Infrastructure

All traffic between your browser and Teneks is protected with HTTPS/TLS encryption. Data stored on our servers is encrypted using AES-256 encryption. We host our platform on Microsoft Azure in the France Central region, which provides built-in security features including DDoS protection. Daily backups are automatically replicated to West Europe for data protection.

Data Masking & Anonymisation

Teneks can automatically detect and redact personally identifiable information (PII) from exported transcripts to help protect customer privacy and support compliance requirements.

Current PII Protection

• Email Addresses: Automatic detection and masking in transcript exports
• Phone Numbers: Recognition of various phone number formats
• Names: Basic name detection and redaction capabilities
• Credit Card Numbers: Financial data protection for sensitive conversations

For platform improvements, we use only fully anonymised and aggregated usage data — such as feature‑usage patterns, page views and session durations — that describes how users interact with the platform interface. We never use customer content data (audio, transcripts, conversation analytics) for platform improvement. All usage data is aggregated so that it cannot be traced back to any individual or organisation (GDPR Recital 26).

Planned Enhancements

• Real-time PII Redaction: Live masking during call assistance (planned for Q3 2026)
• Enhanced Detection: Improved accuracy and additional PII types
• Export Controls: Granular options for what to redact per export

Access Control & Application Security

Users sign in securely using Google or Microsoft accounts through OAuth 2.0. This means we don't store your passwords - authentication is handled by these trusted providers. All API requests are protected with JWT tokens to ensure only authorized users can access your data.

Who Can Access Customer Data

Access to customer content data (audio recordings, transcripts, conversation analytics) is strictly controlled:

• Your Organisation: Users within your organisation, scoped by role‑based permissions (User, Manager, Admin).
• Teneks Founder / CEO: For administrative and support purposes only, under strict confidentiality obligations.
• Designated Account Manager: If assigned in the future, bound by NDA. You will be notified before any assignment.

Teneks employees do not have access to your audio recordings, transcripts or conversation analytics. Technical infrastructure access is limited to system administrators who can only view anonymised metadata for operational purposes.

Our application follows secure coding practices and we regularly update dependencies to address any security vulnerabilities. Azure provides the underlying infrastructure security including network protection and access controls.

Data Retention & Audit Trails

• Audio: 30 days by default (customisable).
• Transcripts: retained per customer policy.
• Inference & event logs: 2 years to support EU‑AI‑Act audits.
• Deletion on request: customers can trigger secure erasure at any time.

Incident Response

Platform health is monitored continuously; security alerts are reviewed by an on‑call engineer. We commit to acknowledging any critical vulnerability report within 24 hours.

Compliance Roadmap

Our compliance roadmap prioritises EU regulations first, followed by internationally recognised certifications.

Sub-processors & Third Parties

We use a small number of vetted sub-processors, each bound by a data processing agreement under GDPR.

We will update this list within 30 days if additional analytics, monitoring, or support vendors are engaged. Customer data is never shared with marketing or advertising platforms.

Security Monitoring & Testing

We use Azure Monitor and automated dependency scanning to detect security issues early.

• Infrastructure Monitoring: Azure Monitor provides alerts for system anomalies and security events
• Access Logging: All authentication attempts and administrative actions are logged
• Dependency Scanning: Automated alerts for known vulnerabilities in our codebase dependencies
• External Security Testing: OWASP Top-10 penetration test scheduled for December 2026

Platform health is monitored continuously; security alerts are reviewed by our engineering team. We commit to acknowledging any critical vulnerability report within 24 hours and will provide customer notification for any incident affecting data security.

Business Continuity & Disaster Recovery

Our infrastructure runs on Microsoft Azure with built-in redundancy and backup across two EU regions.

• Automated Backups: Daily backups to Azure Geo-Redundant Storage with 30-day retention
• Geographic Redundancy: Data replicated between France Central and West Europe regions
• Azure Availability Zones: Infrastructure distributed across multiple zones for resilience
• Database Failover: Automatic failover capabilities through Azure SQL Database
• Incident Communication: Customer notification within 24 hours for service-affecting incidents

As a growing startup we continue to strengthen our disaster recovery. Azure's managed infrastructure gives us a strong baseline for data protection and service continuity.

Security White Paper

The detailed Teneks Security White Paper is not publicly available. It is available upon request for qualified security, procurement, and legal reviews. Contact security@teneks.ai.

Responsible Disclosure

Found a vulnerability? Email security@teneks.ai. We'll respond within one business day.