Terms, Privacy and Security

It’s your data

• Tana will not sell your data or utilize it for advertising purposes.
• We preserve the ownership and copyright status of content you submit to Tana.
• You retain perpetual ability to export your data from the platform.
• Our AI vendors do not use your content to train their models.
• If you use meeting features, we process audio, video, screen captures, and transcriptions solely to provide those features.

We will not read your private notes

• Private notes are not accessed without your explicit written or verbal consent.
• Employee access to user data requires authorization.
• Support-related access is logged and temporarily granted only with your permission.
• Limited production database access is monitored through regular audit procedures.

We are committed to protecting your data

• Security is treated as a continuous commitment, not a final state.
• We implement industry practices including Dependabot dependency tracking and content security policies.
• Data is stored in Google Cloud with encryption at rest and in transit.
• Google does not have access to your data.
• Third-party security reviews are conducted periodically.
• We are completing our SOC 2 Type 2 certification for Tana in Q3 2026 (Tana Outliner is not in scope). Once issued, the report will be available through our trust center at trust.tana.inc.
• Visit our trust center at trust.tana.inc for our security practices, subprocessor list, and compliance documentation. The subprocessor list indicates which providers apply to Tana, Tana Outliner, or both products.

We will not train AI models on your data

• Contractual obligations prevent your data from being used for model training or refinement.
• Feedback data (such as thumbs up/down on AI chat) is used only for automated testing, not model training.

How do I report a security issue?

Please contact us at security@tana.inc. You can encrypt your message using our PGP key.