Wordibly Information Security & Compliance Overview

Last Modified: 5/15/2025

At Wordibly, the security, privacy, and confidentiality of client data are foundational to our operations. As a U.S.-based transcription partner serving clients globally, we maintain rigorous safeguards and auditable workflows to ensure every piece of data entrusted to us is protected from intake to delivery.

This document outlines key policies, vendor usage, and operational protocols that define Wordibly’s information security posture.

Transcription Contractor Compliance

All transcription assignments—whether involving live sessions (remote or in-person) or recorded audio—are governed by strict procedures:

  • Only client-approved materials are referenced in preparation. Wordibly linguists are prohibited from conducting external research beyond what’s publicly accessible or client-provided.
  • Our internal glossaries include only publicly available industry terms and are managed solely by Wordibly editorial staff. Contractors cannot alter or export glossary content.

Post-Session Reporting:

Following cloud-based events, a limited, structured summary is submitted internally by linguists to flag:

  • Technical issues (e.g., poor audio)
  • Event duration concerns
  • Vocabulary mismatches
  • Perceived client satisfaction
  • Generic industry and format tags (e.g., “Financial Services / Zoom Interview”), anonymized upon request

If Material Non-Public Information (MNPI) is Present:

  • All associated data is deleted within 90 days of project completion.
  • Clients may request shorter retention periods or deletion confirmations.
  • Audit trails of file deletion are available on request at the time of project initiation.

Data Handling & Vendor Infrastructure

Wordibly is fully aligned with GDPR and other global data protection standards. We do not host servers internally—instead, we partner with best-in-class cloud service providers to ensure data integrity, redundancy, and access control.

  • Amazon Web Services (AWS):
    All client data is securely stored on AWS infrastructure, leveraging encryption at rest and in transit, multi-zone redundancy, and enterprise-grade compliance features. Access is restricted via strict, role-based permissions.
  • Microsoft 365:
    We use Microsoft 365 for secure email, document management, and internal communication. Microsoft offers full encryption, 2FA, and admin oversight across all user accounts.

For each client, custom data-handling rules (e.g., file retention timelines or restricted access policies) are visibly noted in our project systems and enforced throughout the workflow.

Learn more: www.wordibly.com/privacy-policy

Physical and Operational Security

  • Data accessed through employee laptops is stored on our internal ERP Systems (TOPs), CRM platform and Sharepoint and not on local machines.
  • We have screen lock and password lockout policies that prevents devices from being left in an accessible state when unattended.

Authentication & System Access

  • All staff are required to use enterprise-grade password managers
  • Two-factor authentication (2FA) is enabled across critical systems
  • Passwords for core platforms are refreshed every 90 days
  • Login attempts from suspicious IPs or unfamiliar devices are flagged for secondary authentication

Questions or Compliance Requests?

Wordibly’s compliance and security team is available to address any concerns, customization requests, or documentation needs. We take our responsibility as a trusted transcription partner seriously—and back it with policies designed for enterprise-grade assurance.

📧 Contact Us: info@wordibly.com
🌐 Website: www.wordibly.com