TriLuna Try it free

Legal

Security

Security

Last Updated: January 30, 2025

Our commitment to security

At TriLuna, security is fundamental to everything we do. We understand that you’re trusting us with sensitive communication data — including private group meetings — and we take that responsibility seriously. This page outlines our security practices and commitments to protecting your information.

Data protection principles

We follow core security principles to protect your data:

  • Minimal Data Collection: We collect only the data necessary to provide our services
  • Encryption Everywhere: Data is encrypted in transit and at rest
  • Access Controls: Strict authentication and authorization for all system access
  • Regular Audits: Continuous monitoring and security assessments
  • Incident Response: Rapid response procedures for security events
  • Vendor Security: Due diligence on all third-party service providers

Technical security measures

Encryption

  • All data transmission uses TLS/SSL encryption (minimum TLS 1.2)
  • Database encryption at rest using industry-standard algorithms
  • Call recordings, meeting recordings, and sensitive data encrypted with strong encryption keys
  • End-to-end encryption for supported communication channels

Access controls

  • Multi-factor authentication (MFA) required for all administrative access
  • Role-based access control (RBAC) with principle of least privilege
  • Regular access reviews and deprovisioning procedures
  • Secure authentication tokens with appropriate expiration

Infrastructure security

  • Cloud infrastructure with enterprise-grade security controls
  • Network segmentation and firewall protection
  • Intrusion detection and prevention systems
  • Regular security patching and updates
  • Automated backup and disaster recovery procedures

Third-party security

We work with industry-leading service providers who maintain their own robust security standards:

VendorSecurity posture
🟢 TwilioSOC 2 Type II certified, GDPR + HIPAA compliant, enterprise-grade telecommunications security
🟢 ElevenLabsAdvanced AI model security, data processing agreements, voice data protection protocols
🟢 OpenAI / Anthropic / GoogleEnterprise API security controls, data processing limitations, privacy-preserving AI processing
🟢 Cloud providers (AWS)ISO 27001 certified infrastructure, physical security controls, global compliance frameworks

Compliance and certifications

We maintain compliance with relevant industry standards and regulations:

  • GDPR: European data protection regulation compliance
  • CCPA: California Consumer Privacy Act adherence
  • SOC 2: Working toward SOC 2 Type II certification
  • Telecommunications: Compliance with applicable telecom regulations
  • A2P 10DLC: US SMS compliance and registration

Data retention and deletion

We implement secure data lifecycle management:

  • Call and meeting recordings typically retained for 90 days unless longer retention is required
  • Secure deletion procedures for expired data
  • User-requested data deletion within 30 days
  • Backup data encryption and secure disposal

Incident response

In the event of a security incident, we have procedures to:

  • Detect and respond to security events within 1 hour
  • Contain and mitigate any potential impact
  • Investigate root causes and implement fixes
  • Notify affected users within 72 hours when required
  • Coordinate with law enforcement and regulators as necessary
  • Conduct post-incident reviews and improvements

User security best practices

Help us keep your data secure by following these best practices:

  • Use strong, unique passwords for your TriLuna account
  • Enable two-factor authentication when available
  • Keep your contact information up to date
  • Report suspicious activity immediately
  • Log out of shared or public devices
  • Regularly review your account activity

Reporting security issues

If you discover a security vulnerability or have security concerns, please contact us immediately:

Security Email: security@triluna.app Emergency Phone: 484-TRILUNA (484-874-5862)

Please do not publicly disclose security vulnerabilities until we have had a chance to address them.

Continuous improvement

Security is an ongoing process. We continuously monitor threats, update our security measures, and invest in new technologies to protect your data. We regularly review and update our security practices based on industry best practices and emerging threats.

Questions about security

If you have questions about our security practices or need additional information:

  • Email: security@triluna.app
  • Phone: 484-TRILUNA (484-874-5862)
  • Address: TriLuna Security Team, c/o Altever Solutions Inc., Nova Scotia, Canada