We don't hide behind badges. Here's exactly how MyHotline keeps case data and reporter identities safe, most of it without talking to us. Last updated: June 2026.
Encrypted in transit and at rest, end to end.
Data at rest in the US, AWS us-east-2 (Ohio), with US-region compute.
Database-enforced tenant isolation plus per-case access enforcement.
No IP or phone stored for anonymous reports; identity sealed, break-glass only.
Every action recorded in a log that can't be quietly altered.
Role-based access so people see only the cases they should.
Anyone can buy a logo for a footer. We'd rather show our work: publish the actual controls and the complete list of subprocessors that touch data, so your security team can verify rather than take our word. If your questionnaire asks about certifications, we answer it honestly; we just don't market a status we don't have.
Enter a work email to unlock our live subprocessor list and security documents. Unlocks instantly.
Enter your work email to unlock the subprocessor list, DPA, data-flow diagram, and our completed security questionnaire. Unlocks instantly.
We'll only use it to follow up about your evaluation. No spam.
For security questions or to report a vulnerability, contact security@myhotline.ai. We offer advance notice of new subprocessors; ask to subscribe.