Data storage
All data is encrypted in transit (TLS) and at rest. Study data — transcripts, analysis results, participant info — lives in managed databases with access controls.Recordings
Session recordings and clips are in secure cloud storage with signed, time-limited playback URLs, meaning:- Recordings aren’t publicly accessible
- Links expire after a set period — shared clip links expire after 24 hours
- Only authenticated users with study access can view them
Third-party services
Humanize uses a few third-party services:- Transcription — a speech-to-text service processes session audio
- Text-to-speech — generates the AI moderator’s voice
- Video processing — creates clips and supercuts from recordings
- AI analysis — large language models process transcripts, audio, and video to generate themes, summaries, emotion analysis, and insights
Compliance
SOC 2 Type II certification is in progress, covering humanize.app, go.humanize.app, and the Humanize API. For our current security documentation, see humanize.app/security.Data retention
Study data stays as long as your account is active. Archived studies remain accessible but aren’t actively processed. Need something deleted? Email us.Participant data
Participant data includes name, email, screener responses, session recordings, and transcript contributions. It’s scoped to your study and only accessible to users with permission. Not shared across studies or with other customers. Participants agree to the study privacy policy when they confirm their spot, before any session data is collected.GDPR
If you’re researching with participants in the EEA:- Participants consent during signup before any data is collected
- They’re told sessions will be recorded
- You can request deletion of participant data by contacting us
- Processing is covered by our data processing agreement
Need a DPA for your organization? Email us and we’ll get one set up.