Security & Privacy

Your security, safety, and privacy are our top priority — and we build Colloquial accordingly.

Security

Colloquial takes a security-by-design approach to protecting your data. Our team continues to make investments so you can use Colloquial with confidence.

Security infrastructure

Colloquial’s infrastructure is designed with layers of protection to help ensure your data is secure while transmitted, stored, or processed. Protections include but are not limited to encryption, least privilege access, and secure software development.

Operational security

Our information security team continuously implements new security controls and monitors Colloquial for malicious activity across our infrastructure, networks, and assets.

Product security

Colloquial provides a robust set of in product data protection and admin controls for greater visibility and control over our data. Enterprise admins can deploy Colloquial to their organisations with SSO via SAML 2.0, provision users through SCIM, and track activity with the audit log features. Enterprise admins can also fine-tune permission controls and guests, and manage team organsations.


Privacy

Colloquial maintains a comprehensive privacy compliance program and is committed to partnering with its customers and vendors on privacy compliance efforts.

How we handle your data

At Colloquial our team is dedicated to developing and implementing data privacy processes and safeguards that meet industry standards and best practices. We conduct ongoing training for our teams to ensure that they are up to speed with developments in legislation and essential privacy and security practices. Every Colloquial employee and contractor signs up to non-disclosure terms to maintain the confidentiality and security of your data. Colloquial also holds any vendors that handle personal data to the same data management, security, and privacy practices and standards to which we hold ourselves.

Agreements

At Colloquial we strive to keep all of our agreements up to date with the latest regulations and industry standards. Our Subscription Agreement and Data Processing Addendum describes in detail Colloquial’s data privacy processes, standards, safeguards and our compliance with data protection legislation. To ensure that our terms track with the GDPR and other global privacy standards.

Data governance

Data governance relates to the policies and procedures that dictate how data is procured and used throughout its life cycle. From creation and collection to processing, distribution, storage and deletion. Notion’s commitment to data governance is key to keeping our users data secure, private, accurate, and accessible.

Policies

At Colloquial we want to be as transparent as possible with our customers about how we collect, process, store, and use their personal data. In order to achieve this Colloquial maintains comprehensive and detailed policies regarding how we handle your personal information. These policies describe in detail how our users can exercise their rights with regard to their data.

GDPR

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs the collection of and use of personal data of EU residents, and that allows data subjects to exercise control over their data. As the GDPR is widely considered to be the most stringent global privacy standard, we have mapped our privacy program to the GDPR and other global privacy regulations.


Compliance

Colloquial maintains a comprehensive security and privacy program to provide advanced security features in our Enterprise plan that are designed to protect your data in accordance with various regulatory and industry standards. Colloquial will be attested by independent third-party auditors in the near future.

ISO270001

ISO is an international standard development organisation, and Colloquial has adopted certifications for ISO standard ISO 27001. The standards outline requirements for establishing, implementing, and continuously improving Colloquial’s Information Security Management System (ISMS).