Security

Narrator Security Policy, Data Access, and Compliance

Narrator is committed to security and we've made it a top priority to design systems to keep you and your data safe.

We recognize that trust is fundamental to any kind of data analysis: if you don't trust your data, you can't trust the analysis! The systems throughout your data pipeline are just as important. For Narrator, this means earning and prioritizing our clients' trust through offering a service that embraces data security.

📘

Trust Report

Security is very important to us at Narrator. We engage a third-party firm to audit our infrastructure, systems, and processes continuously. That firm's called Vanta, and they make a report that covers everything they check.

View Trust Report >

Narrator offers a secure service. Here’s how:

Overview

Security at Narrator is not an afterthought -- we design and build for it through every stage of our process. Narrator systems run in private and isolated networks with strict access controls and are monitored for suspicious activity.

Our staff undergoes security training, our internal tools and vendors are selected using strict criteria and are regularly audited, and our services are tested by both automated and manual security scanning.


Data Security

The Narrator platform sits on top of your existing data warehouse. For most of Narrator's functionality, we securely connect to your warehouse, run queries periodically, and write data back directly to Narrator specific tables in your warehouse. In this way, as much as possible, data stays within your systems and control.

For certain use cases, Narrator also maintains internal caches of certain types of data in our systems. These are only used by Narrator systems to enhance the user experience and can be tuned and/or cleared by request. Contact [email protected] if you'd like to learn more.

We use the strongest possible encryption for all traffic, secrets, and data that our systems touch. Further, every company on the Narrator platform has its own encryption key to ensure your data is strictly isolated from others'.


Compliance

We’re committed to maintaining best practices for ensuring security, availability, and confidentiality.

SOC2 Type II

Narrator completes an annual independent audit for our SOC 2 Type II report, which attests to our consistent application of the Trust Services Principles and Criteria over time.

Holding ourselves accountable to a third party is part of our ongoing efforts to provide a secure and reliable environment for customers and their data.


GDPR / CCPA

Narrator is GDPR and CCPA compliant and you can find more information and our subprocessors in our Privacy Policy. For California residents please see our Privacy Notice for Residents of California in addition.


HIPAA

Our entire architecture is designed for organizations with strict compliance and privacy needs. Every customer on the Narrator platform benefits from this!

For customers who have compliance requirements under HIPAA/HITECH, we are able to sign a Business Associate Agreement (BAA) with customers. Please contact us at [email protected] for more details.


Custom Data Processing Agreements

We will gladly explore custom DPAs if required. Please inquire at [email protected] for specifics.




Still have questions?


Our team is here to help! Here are a couple ways to get in touch...

💬 Chat us from within Narrator

💌 Email us at [email protected]