Skip to main content
All CollectionsPrivacy, Legal & Data
Our Approach to Data Privacy & Anonymity
Our Approach to Data Privacy & Anonymity

A series of controls in place hardwire anonymity and dictate how we safely transmit, store and handle customer and end user data

James Stevens avatar
Written by James Stevens
Updated over a week ago

Context

Whenever we build new products, improve our service, support our valued customers or make operational decisions, all our people are guided by Natter’s commitment to information security and data privacy.

In terms of data privacy, a series of core principles and policies govern our organizational setup and wider service:

  • GDPR Compliance: As a UK-registered company, we are fully compliant with UK GDPR and track evolving EU and US state laws. All customer data is hosted with AWS in London, UK. Our EULA is available here.

  • Limited Data Processing: We limit data flows to sub-processors and pre-vet vendors and suppliers. Our Service Providers & Data Transfer Policy is available here.

  • Privacy by Design: We are transparent on what data we collect and why, and where it is stored. Our Privacy & Cookies Policy is available here.

You can read more widely about Natter's Information Security posture here.

What Controls Hardwire Anonymity?

A series of controls in place hardwire anonymity and dictate how we safely transmit, store and handle data, as follows:

Control

How?

Why?

Automatic PII Redaction

Our transcription technology automatically redacts unique identifiers (e.g. names, email addresses) before processing.

Ensures compliance with privacy regulations, minimizes risk, and protects user identity throughout the pipeline.

No Data Retention Post-Processing

Once data is processed, the system does not retain or reuse it for training purposes.

Guarantees that user data is only used for its intended purpose, minimizes long-term storage risks.

No User

Identification Stored

Natter excludes account names, IP addresses, and authentication data from processing and storage.

Prevents unauthorized access to personal information, ensuring data is processed anonymously and securely.

Secure Cloud Hosting

Encryption in transit and at rest using industry-leading encryption (TLS v1.2, AES-256) within AWS (UK).

Protects data from breaches and ensures it is securely hosted in compliance with strict data standards.

Anonymized Data Processing

AI models only work with de-identified text that is stripped of personal identifiers at the point of input.

Safeguards sensitive information and ensures that outputs cannot be traced back to individuals.

User-Controlled Data Management

Customers have full control over their data, with the option to request deletion at any time.

Provides transparency, enhances trust, and ensures customers maintain ownership and control.

GDPR: Your Right to Erasure

Under the General Data Protection Regulation (GDPR), individuals have the right to erasure, also known as the "right to be forgotten", under Article 17.

If you would like to request the deletion of your personal data, Natter as a data controller must take reasonable steps to perform such erasure.

To allow us to address your request without delay, contact us by email: team@natter.co today and a member of our team will be in touch.

Related Articles
Our Service Providers & Data Transfer Policy
Our Privacy & Cookies Policy
Our End User Licence Agreement
Our Terms & Conditions
Did this answer your question?