Security & Privacy

Your data security is foundational to how we build Tenali AI. Here is how we protect it.

How Tenali works

Tenali AI is a real-time sales intelligence platform that gives reps answers during live calls. It operates in two modes:

Desktop App (System Audio Capture)

The Tenali desktop app captures audio from your computer's speakers or headphones using system-level audio APIs, similar to screen recording on macOS. No bot or participant joins the meeting. No recording notification is triggered. The meeting platform does not detect Tenali. This mode works with Zoom, Microsoft Teams, Google Meet, Dialpad, Orum, Nooks, WhatsApp, and 30+ other platforms.

Zoom RTMS Integration

For Zoom meetings, Tenali connects via Zoom's native Real-Time Media Streams (RTMS) API. This integration operates within Zoom's security and compliance framework with built-in consent mechanisms. Tenali activates when you join a meeting and deactivates when you leave. No bot tile appears in the participant gallery.

In both modes, Tenali transcribes audio in real time, detects buyer questions, and surfaces answers from your connected knowledge base. Answers appear in a private overlay visible only to the rep.

Transcription, not recording

Tenali transcribes live audio in real time for question detection and answer retrieval. This is transcription, not recording. Raw audio is discarded after processing. No audio or video files are created, stored, or retained anywhere. If the live transcript contains an error, there is no recording to go back and replay. This architecture is a deliberate privacy choice.

No model training on your data

Customer conversations and documents are never used to train, fine-tune, or improve any AI model. Your data is used only at inference time to generate contextual responses for your organization. Our AI providers operate under zero data retention agreements and do not use customer data for model training.

Encryption

All data in transit is protected with TLS 1.3 encryption. All data at rest is encrypted using AES-256. Database-level encryption is applied to all persistent storage. API communications use industry-standard encrypted protocols. All connections enforce encrypted transport by default.

Infrastructure

Tenali AI is hosted on AWS cloud infrastructure with enterprise-grade security controls including firewalls, intrusion detection, and continuous monitoring. Internal access is governed by role-based access controls (RBAC). All third-party integrations (Salesforce, HubSpot, Slack, Google Drive, OneDrive, Gong, and others) authenticate via OAuth 2.0. Tenali requests only read access to your knowledge sources. Admins can revoke any integration at any time.

Compliance

SOC 2 Type II: Tenali AI is currently undergoing SOC 2 Type II certification.

GDPR: Tenali AI is GDPR compliant. A Data Processing Agreement (DPA) is available on request.

Data residency: Tenali AI processes data on AWS infrastructure in the United States. Contact us for specific data residency requirements.

Security questionnaires: We maintain responses for standard vendor security questionnaires. Contact security@tenali.ai to request one.

Recording laws and consent

Many jurisdictions require notification or consent from all parties before recording or transcribing a conversation. These include two-party consent states in the US (such as California, Florida, Illinois, Pennsylvania, and others) as well as international regulations under GDPR.

When using the Tenali desktop app, no bot joins the call and no automatic notification is sent to meeting participants. You are solely responsible for determining whether consent is required and for obtaining it before using Tenali to transcribe a meeting.

When using the Zoom RTMS integration, Zoom's native consent and compliance mechanisms apply.

We recommend always informing meeting participants when AI transcription tools are in use, regardless of whether it is legally required in your jurisdiction. A simple approach is to include a line in your calendar invites: "This meeting may use AI-assisted transcription for internal note-taking purposes."

Tenali provides the transcription technology. We do not monitor, verify, or enforce your compliance with recording laws.

AI providers

Tenali AI uses multiple AI providers for different capabilities across the platform. All providers operate under zero data retention agreements: your data is not stored by providers after processing and is never used to train their models.

For a complete list of subprocessors, contact security@tenali.ai.

You control your data

You retain full ownership of your data at all times. You can delete individual data or request deletion of all your data at any time. Upon account termination, Customer Data is deleted within 30 days. Admins can revoke third-party integrations at any time from the Tenali dashboard. Tenali follows data minimization principles: we collect only the data necessary to provide the service.

Frequently asked questions

For security documentation, DPA requests, or to submit a vendor security questionnaire, contact security@tenali.ai