Security at LANGUU

Sensitive in any
language.Secure in every one.

Contracts, clinical notes, court records, customer calls — whatever you translate, transcribe, voice, or caption moves through LANGUU encrypted end to end. Never sold. Never used to train models. Never kept longer than you decide.

ISO/IEC 27001SOC 2 Type IIHIPAACJISGDPR
sealed
job_id
taskdocument · ko → en
in transitTLS 1.3
at rest
data regionyou choose
model trainingnone
retentionuntil you delete
statusencrypted & private
The difference

Free translators pay their bills with your text. We don't.

Many free and consumer tools quietly retain what you paste, mine it, or feed it back into their models. LANGUU is built for work that can't leak — so the rules are simple.

01 — Not trained on

Your content stays yours

We never add your text, audio, video, or captions to training datasets. Your material improves your results, not our models.

02 — Not for sale

No third-party data trade

We don't sell, rent, or share your content with advertisers, data brokers, or partners. There is no second customer for your words.

03 — Not kept

Deleted on your schedule

Set retention to zero or a window you control. When it expires, source files and outputs are purged — not quietly archived.

Data lifecycle

How your content moves through LANGUU

Every job follows the same protected path — from the moment you upload to the moment it's gone. Each stage has its own controls.

01

Upload

TLS 1.3

Text, documents, audio, and video reach us over an encrypted session. Nothing is written to disk in the clear, and uploads are scoped to your account from the first byte.

02

Encrypt

AES-256-GCM

At rest, everything is sealed with AES-256. Keys live in an HSM-backed service, are rotated on a schedule, and are never stored next to the data they protect.

03

Process

isolated runtime

Translation, transcription, interpretation, speech, and captioning run in access-scoped, isolated environments. Your content is processed for your job only — and never folded into model training.

04

Human reviewoptional

locked workspace

Turn on human-in-the-loop review and vetted linguists work inside a controlled workspace — no downloads, no copy-out, confidentiality bound, every action logged. They see only what their task requires.

05

Deliver

authenticated

You pull finished work over an authenticated session as DOCX, SRT, or audio. Share links are time-limited and revocable, so access stays in your hands.

06

Delete

purge, don't archive

When your retention window ends, source files, intermediate data, and outputs are permanently removed across systems and backups on a defined cycle.

Defense in depth

Layered protection, end to end

No single control carries the load. Encryption, identity, infrastructure, and people each do their part.

Encryption everywhere

Your data is protected the whole way — in motion and at rest — with modern, audited cryptography.

  • TLS 1.3 for all data in transit
  • AES-256-GCM for data at rest
  • HSM-backed key management & rotation

Identity & access

People reach only what they need, and every touch is recorded.

  • SSO / SAML & enforced MFA
  • Least-privilege, role-based access
  • Full audit logging of access events

Hardened infrastructure

We build on providers held to the same bar we hold ourselves.

  • Segmented networks & private services
  • Continuous monitoring & alerting
  • Regular third-party penetration tests

People & linguists

The humans in the loop are held to the same standard as the code.

  • Background checks & confidentiality terms
  • Reviewers work in a controlled workspace
  • Annual security & privacy training
Certifications & compliance

Independently checked, not self-declared

Our controls are tested by outside auditors and mapped to the frameworks regulated teams rely on. Reports are available on request.

ISO/IEC 27001

Certified ISMS

Our information security management system is built and operated to the ISO/IEC 27001 standard — documented controls, formal risk assessments, and recurring surveillance audits by an accredited body.

Request the certificate
AICPA

SOC 2 Type II

Audited over time against the Trust Services Criteria for security, availability, and confidentiality. The full report is available under NDA.

Request the report
Healthcare

HIPAA

Business Associate Agreements available, with safeguards for PHI across translation and transcription workflows.

Justice

CJIS

Controls aligned to the CJIS Security Policy for handling criminal-justice information and case content.

Privacy · EU

GDPR

Data Processing Agreement, EU data-residency options, and support for data-subject access and deletion requests.

Promise

No data sold

A standing commitment, written into our terms: your content is never sold or shared with third parties for their own use.

SOC 2 request

Get our SOC 2 report & security docs

Reviewing LANGUU for your security or procurement team? Request our SOC 2 Type II report, ISO 27001 certificate, and latest penetration-test summary. Most documents are shared under a mutual NDA.

  • Delivered to a verified work email
  • Typically within one business day
  • Reviewed by our security team before release
Document request
Request access
Please enter your name.
Enter a valid work email address.
Please tell us where you work.
Please acknowledge the NDA terms.

🔒 Submitted over an encrypted connection. We use this only to fulfill your request.

Found a vulnerability?

We welcome responsible disclosure. Tell our security team what you found and we'll work the issue with you — no surprises, no legal heat for good-faith research.