<- Back To Agreements

Noteroom Legal

Security & Service Commitments

Last updated: 5 March 2026

1. Security Program

Noteroom operates technical and organizational controls designed to protect account access, data confidentiality, and system integrity.

2. Baseline Controls

  • Encrypted transport (HTTPS/TLS) for web traffic
  • Role-restricted administrative access
  • Authentication and authorization controls
  • Audit and account security logging
  • Ongoing patching and dependency maintenance practices

3. Shared Responsibility

Noteroom secures the managed service environment, while customers are responsible for account hygiene, access control configuration, collaborator permissions, and endpoint/device security.

4. Incident Handling

Security incidents are triaged by severity and handled using internal response procedures. Where legally required, affected users are notified.

5. Service Commitments (Non-Contractual)

This page describes operational intent and best efforts only. It does not create guaranteed uptime percentages or service-credit obligations.

Contractual SLA commitments are available only under separate written enterprise agreements.

6. Vulnerability Reporting

Report suspected vulnerabilities to support@noteroom.app with reproducible details. Please do not perform disruptive testing or access data that is not yours.

7. Contact

For enterprise security questions, contact support@noteroom.app.