// Trust & Security Report

    Krisp Technologies, Inc. logo

    Krisp Technologies, Inc.

    Voice AI platform: AI Meeting Assistant (noise cancellation, transcription, recording, AI notes), Call Center AI / Agent Assist, and Developer SDKs/APIs (Voice Isolation, Noise Cancellation, Voice Translation, Accent Conversion)

    Certifications held

    5

    Maturity

    Enterprise

    Trains on your data

    No

    Trust center

    Yes

    // Certification ledger

    Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.

    SOC 2 Type II
    HELD

    Compliance: SOC 2 Type II ... Resources: 3rd Party Assessments and Certifications: SOC 2 Type 2 Report

    Verify on trust.krisp.ai
    PCI-DSS v4.0
    HELD

    Compliance: ... PCI-DSS 4.0 ... Resources: PCI-DSS V4.0.1 AOC

    Verify on trust.krisp.ai
    HIPAA
    HELD

    Compliance: ... HIPAA ... Resources: HIPAA Compliance Executive Summary. Updates: The updated 2026 HIPAA Compliance Audit Report has been uploaded to Krisp's Trust Center.

    Verify on trust.krisp.ai
    GDPR
    HELD

    Compliance: ... GDPR. (Privacy Policy: 'Additional Information for Users in the EEA and the U.K.' details legal bases for processing; 2025 Data Processing Addendum (DPA) listed under Privacy and Confidentiality.)

    Verify on trust.krisp.ai
    ISO 27001
    HELD

    Not listed among the compliance badges (SOC 2 Type II, PCI-DSS 4.0, HIPAA, GDPR) on Krisp's Trust Center; no ISO 27001 certificate found on a Krisp-owned page.

    Verify on trust.krisp.ai

    // Privacy & AI training

    Trains on customer data

    No

    Data processing agreement

    Offered

    Data region

    United States only. 'All data is stored on secure servers located in the United States. At this time, Krisp does not offer regional data storage options.' Hosting via AWS (USA); Microsoft Azure used for specific backend functionality.

    Krisp states it does not train AI/ML models on customer data and contractually opts out of training with third-party providers. Security page: 'We always make sure to opt out of any data sharing or training permissions when working with third-party service providers. This ensures that neither Krisp's data nor that of our customers is ever used for model training purposes.' Privacy Policy: 'no information obtained through such third-party apps or services (e.g. Google Workspace APIs) is used to develop, improve, or train generalized AI and/or ML models.' Noise Cancellation alone: no audiovisual data leaves the user's device or is stored by Krisp. For AI Meeting Assistant, transcripts/recordings/summaries are stored only on explicit opt-in.

    // Security controls

    Encryption in transit

    TLS 1.2 enforced across all services (no exception)

    krisp.ai

    Encryption at rest

    AES-256 (no exception); 'All audio is encrypted in transit and at rest.'

    krisp.ai

    Penetration testing

    Third-party pen tests performed and published to Trust Center: 'Desktop App Pentest Report 2025' and 'Backend Pentest Report 2026'. Control: 'Penetration testing performed'.

    trust.krisp.ai

    Bug bounty

    No public bug-bounty program (HackerOne/Bugcrowd) found on Krisp-owned pages; security contact is security@krisp.ai.

    trust.krisp.ai

    Access controls

    Production database and environment access strictly restricted; encryption key access restricted; access requests required; employee background checks; NDAs.

    trust.krisp.ai

    Data lifecycle

    Backups implemented; customer data securely deleted on request (support@krisp.ai / account deletion). Non-English audio recorded in transcribe-only mode is deleted immediately after transcript generation.

    krisp.ai

    Subprocessors

    AWS (hosting, USA), Twilio SendGrid (email, USA), HubSpot (marketing, USA), Microsoft Azure (backend, USA). Published on Trust Center.

    trust.krisp.ai

    Cyber insurance

    Cybersecurity insurance maintained; Certificate of Insurance (Cyber Liability 2025-2026) available.

    trust.krisp.ai

    // Products & data scope

    Noise Cancellation (standalone)Real-time audio processing (desktop/SDK)

    data: On-device only. Krisp does not access or store any audiovisual data when only Noise Cancellation is used; no meeting content leaves the device.

    Lowest data-exposure mode; strong privacy posture for users who only need noise/echo removal.

    AI Meeting Assistant (Teams)Meeting transcription, recording, AI notes/summaries, CRM sync

    data: Stores meeting transcripts, recordings, summaries, calendar data, call metadata, integrations data in Krisp Cloud (US/AWS) on explicit opt-in. May share meeting content with third-party AI providers to generate summaries (providers contractually opted out of training). Governed by krisp.ai/privacy-policy.

    Highest data footprint of the consumer/team products. HIPAA available to Business-tier subscribers under a BAA.

    Call Center AI / Agent AssistContact-center voice AI (noise cancellation, accent conversion, voice translation, agent assist)

    data: Stores minimal data in Krisp Cloud; enterprise admin teams retain full control. Governed by a SEPARATE 'Privacy Policy for Call Center AI' (the main privacy policy explicitly does not apply to Call Center AI customers and their End Users).

    Enterprise-oriented; distinct legal/data scope from the consumer Meeting Assistant. Review the Call Center AI privacy policy separately for procurement.

    Developer SDKs / APIsVoice Isolation SDK, Noise Cancellation SDK, Voice Translation API, Accent Conversion SDK

    data: Embedded in customer applications; processing scope depends on integration. SDK-level noise cancellation can run on-device.

    Data/compliance scope is integration-dependent; evaluate per API contract.

    // What to watch

    • ISO 27001 NOT held / not evidenced — do not display as certified.
    • No public bug-bounty program found.
    • US-only data residency; no EU/regional storage option — relevant for EU data-residency-sensitive buyers.
    • Call Center AI is governed by a separate privacy policy with a different data scope than the consumer Meeting Assistant — compare separately.
    • HIPAA coverage requires a signed BAA and is tied to Business/enterprise tiers, not the free tier.
    • AI Meeting Assistant shares meeting content with third-party AI subprocessors (opted out of training) to generate summaries.

    // At a glance

    Pricing model

    Freemium subscription (free tier + paid Pro/Business tiers); enterprise and call-center plans via sales/demo; usage/contract-based developer SDK/API pricing

    Self-hostable

    No

    // How we verified this

    Every certification marked HELD is confirmed against a verbatim quote on Krisp Technologies, Inc.'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.

    Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.

    trust.krisp.ai

    > Browse all vendor trust reports