Company Information
At BriefCatch, security is a top priority, and we place great emphasis on safeguarding the sensitive information entrusted to us by our clients.
BriefCatch is SOC-2 Type 1 compliant, a testament to our unwavering commitment to following industry best practices and standards. This compliance serves as evidence of our dedication to implementing robust security controls and measures to protect data. It demonstrates our proactive approach to addressing potential risks and vulnerabilities, as well as our commitment to continuously improving our security posture.
By adhering to the rigorous requirements of SOC-2 Type 1, we assure our clients that their data is handled with the utmost care and subject to stringent security protocols. Our SOC-2 Type 1 compliance underscores our ongoing efforts to maintain the highest standards of security and our dedication to providing our clients with the peace of mind they deserve when entrusting us with their valuable information.
As explained in more detail below, BriefCatch does not retain and no BriefCatch employee can view content from your documents or the proprietary suggestions our software offers to you.
Software Information
BriefCatch 3 is a Microsoft approved AppSource Office Add-in. You can install BriefCatch 3 from the Microsoft AppSource store or deploy it via the Microsoft 365 admin center. BriefCatch 3 supports Microsoft Single Sign-On for account creation and access.
BriefCatch 3 runs on Google Cloud, which defends your data against threats and fraudulent activity using the same infrastructure Google uses for its own operations. Google’s 500+ security engineers, including some of the world’s foremost experts, work around the clock to spot threats early and respond quickly.
Supported versions include Microsoft Word 2016 or later on Windows, Microsoft Word 2016 or later on macOS, and Microsoft Word for Web (Microsoft 365 Online).
Data Processing & Data Retention
BriefCatch 3 uses real-time data streams to process documents on secure servers. The server returns only the results of the scan. We do not—and our vendors, including Google, do not—collect, log, or retain the original document text nor the text from the scan. No one can view any of the original document text or the text from the scan, including during the scan itself.
All connections to and from BriefCatch are encrypted using TLS 1.2/1.3.
PII & User Data
We log limited user data, such as user settings within the app and basic user information like name and email address. None of the data we collect allows us or any other party to reconstruct the text from your documents.
Any company or user can submit a support request to remove their data entirely from BriefCatch.
Servers & Hosts
We use servers hosted by:
- Google Cloud: https://cloud.google.com/security/compliance
- Microsoft Azure: https://azure.microsoft.com/en-us/explore/security/
Databases hosted by:
- Google Firebase: https://firebase.google.com/support/privacy
- Amazon Web Services: https://aws.amazon.com/security/
All servers are located in the United States.
BriefCatch stores frontend code (HTML, CSS, and JavaScript) on CDN Cache locations. There is no user-linked data with frontend assets. All data is encrypted at rest: https://cloud.google.com/docs/security/encryption/default-encryption
Payment Processor:
- Stripe: https://stripe.com/docs/security
Error Notifications:
- Sentry: https://sentry.io/security/
Email Notifications:
- MailChimp: https://mailchimp.com/about/security/