// Trust & Security Report
Krisp Technologies, Inc.
Voice AI platform: AI Meeting Assistant (noise cancellation, transcription, recording, AI notes), Call Center AI / Agent Assist, and Developer SDKs/APIs (Voice Isolation, Noise Cancellation, Voice Translation, Accent Conversion)
Certifications held
5
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on trust.krisp.ai“Compliance: SOC 2 Type II ... Resources: 3rd Party Assessments and Certifications: SOC 2 Type 2 Report”
Verify on trust.krisp.ai“Compliance: ... PCI-DSS 4.0 ... Resources: PCI-DSS V4.0.1 AOC”
Verify on trust.krisp.ai“Compliance: ... HIPAA ... Resources: HIPAA Compliance Executive Summary. Updates: The updated 2026 HIPAA Compliance Audit Report has been uploaded to Krisp's Trust Center.”
Verify on trust.krisp.ai“Compliance: ... GDPR. (Privacy Policy: 'Additional Information for Users in the EEA and the U.K.' details legal bases for processing; 2025 Data Processing Addendum (DPA) listed under Privacy and Confidentiality.)”
Verify on trust.krisp.ai“Not listed among the compliance badges (SOC 2 Type II, PCI-DSS 4.0, HIPAA, GDPR) on Krisp's Trust Center; no ISO 27001 certificate found on a Krisp-owned page.”
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
United States only. 'All data is stored on secure servers located in the United States. At this time, Krisp does not offer regional data storage options.' Hosting via AWS (USA); Microsoft Azure used for specific backend functionality.
Krisp states it does not train AI/ML models on customer data and contractually opts out of training with third-party providers. Security page: 'We always make sure to opt out of any data sharing or training permissions when working with third-party service providers. This ensures that neither Krisp's data nor that of our customers is ever used for model training purposes.' Privacy Policy: 'no information obtained through such third-party apps or services (e.g. Google Workspace APIs) is used to develop, improve, or train generalized AI and/or ML models.' Noise Cancellation alone: no audiovisual data leaves the user's device or is stored by Krisp. For AI Meeting Assistant, transcripts/recordings/summaries are stored only on explicit opt-in.
// Security controls
Penetration testing
Third-party pen tests performed and published to Trust Center: 'Desktop App Pentest Report 2025' and 'Backend Pentest Report 2026'. Control: 'Penetration testing performed'.
trust.krisp.aiBug bounty
No public bug-bounty program (HackerOne/Bugcrowd) found on Krisp-owned pages; security contact is security@krisp.ai.
trust.krisp.aiAccess controls
Production database and environment access strictly restricted; encryption key access restricted; access requests required; employee background checks; NDAs.
trust.krisp.aiData lifecycle
Backups implemented; customer data securely deleted on request (support@krisp.ai / account deletion). Non-English audio recorded in transcribe-only mode is deleted immediately after transcript generation.
krisp.aiSubprocessors
AWS (hosting, USA), Twilio SendGrid (email, USA), HubSpot (marketing, USA), Microsoft Azure (backend, USA). Published on Trust Center.
trust.krisp.aiCyber insurance
Cybersecurity insurance maintained; Certificate of Insurance (Cyber Liability 2025-2026) available.
trust.krisp.ai// Products & data scope
data: On-device only. Krisp does not access or store any audiovisual data when only Noise Cancellation is used; no meeting content leaves the device.
Lowest data-exposure mode; strong privacy posture for users who only need noise/echo removal.
data: Stores meeting transcripts, recordings, summaries, calendar data, call metadata, integrations data in Krisp Cloud (US/AWS) on explicit opt-in. May share meeting content with third-party AI providers to generate summaries (providers contractually opted out of training). Governed by krisp.ai/privacy-policy.
Highest data footprint of the consumer/team products. HIPAA available to Business-tier subscribers under a BAA.
data: Stores minimal data in Krisp Cloud; enterprise admin teams retain full control. Governed by a SEPARATE 'Privacy Policy for Call Center AI' (the main privacy policy explicitly does not apply to Call Center AI customers and their End Users).
Enterprise-oriented; distinct legal/data scope from the consumer Meeting Assistant. Review the Call Center AI privacy policy separately for procurement.
data: Embedded in customer applications; processing scope depends on integration. SDK-level noise cancellation can run on-device.
Data/compliance scope is integration-dependent; evaluate per API contract.
// What to watch
- ISO 27001 NOT held / not evidenced — do not display as certified.
- No public bug-bounty program found.
- US-only data residency; no EU/regional storage option — relevant for EU data-residency-sensitive buyers.
- Call Center AI is governed by a separate privacy policy with a different data scope than the consumer Meeting Assistant — compare separately.
- HIPAA coverage requires a signed BAA and is tied to Business/enterprise tiers, not the free tier.
- AI Meeting Assistant shares meeting content with third-party AI subprocessors (opted out of training) to generate summaries.
// At a glance
Pricing model
Freemium subscription (free tier + paid Pro/Business tiers); enterprise and call-center plans via sales/demo; usage/contract-based developer SDK/API pricing
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Krisp Technologies, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
trust.krisp.ai