Privacy and Security FAQ's
Why does Hugo need calendar access?
Hugo improves meeting productivity by organizing documents and tasks based on the meetings you attend. When Hugo asks for permission to access/edit your calendar data, this makes it easy to:
- Find past or related meeting docs
- Prepare for meetings
- Share meeting docs
- Assign tasks to attendees
Who can access my data?
In order for someone to access your meeting docs, they need to be a user on your Hugo Team and have access to those docs. Visit Hugo > Settings > Profile to manage your default settings for new docs, or change any time by clicking the `Share` button in the top-right of any doc. You can also manage team access for each meeting doc you have.
You can also share with people outside your Hugo team. Learn more about public access and guest collaboration here. And if you enable the Slack integration, you can also post the meeting notes to Slack so that the correct people are still updated even if they can't attend the meeting. Check out this guide to learn more about how Hugo and Slack work together.
Is my data secure?
Hugo stores all of your data on dedicated machines in AWS Data Centers. There is no direct access available to Hugo databases via web or SSH from outside Hugo's virtual private cloud and Hugo uses AWS’ firewall and security infrastructure. Hugo's cyber-risk insurer performs an annual audit of data security infrastructure. Hugo has always exceeded their requirements and maintains professional indemnity and cyber-risk insurances annually.
Is my data safe with Hugo?
Yes! Your proprietary knowledge is safe with Hugo. Hugo is proud of our industry-leading security infrastructure. We invest heavily in security and privacy infrastructure, ensuring that your data is behind firewalls, encrypted, and only accessible to users who have permission to view/edit docs.
Here's a high-level summary of how we keep your data safe:
All Hugo services and data are hosted with Amazon Web Services (AWS) in the United States in the US West region. Amazon employs a robust physical security program with multiple certifications, including an SSAE 16 certification.
All of our servers are located within an isolated Virtual Network separated from other internal & external networks that prevent unauthorized access.
All data sent to or from Hugo is encrypted in transit and all data stored by Hugo is encrypted at rest, using 256-bit encryption. Our API and application endpoints are TLS/SSL only.
We are currently preparing for a SOC 2 compliance audit, which requires us to have implemented numerous technical, physical, and people-based security processes, including a significant disaster response and recovery plan.
Hugo is a member of and adheres to the EU-US Privacy Shield Framework