Trust

Security at Slide Practice.

Data in transit

All connections to slidepractice.com use HTTPS with TLS 1.3. All API requests are authenticated and rate-limited.

Data at rest

Customer data is stored in encrypted PostgreSQL databases hosted in the United States region of a leading cloud provider. Audio recordings are stored in encrypted object-storage buckets with private access only.

Audio retention

Session audio is retained for 30 days by default and then automatically deleted. Coaches can delete audio earlier from their dashboard at any time. Generated recaps remain in the client portal until the coach or client deletes them.

AI processing

Audio is transcribed by an enterprise speech-to-text service and processed by an enterprise large language model. Under our contracts with these sub-processors, customer audio and transcripts are not used to train any third-party model. The current named providers are listed in the authenticated sub-processor document available from your account settings or via /legal/dpa-request.

Authentication

User authentication is handled by an enterprise identity provider. Two-factor authentication is available on all paid plans. Session tokens expire after 7 days of inactivity.

Reporting a vulnerability

If you believe you have found a security issue in Slide Practice, email support@slidepractice.com with the subject line SECURITY. We respond to all reports within 24 hours.